Date: Sun, 19 Apr 1998 16:29:31 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: John-Mark Gurney <gurney_j@resnet.uoregon.edu> Cc: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>, Philippe Regnauld <regnauld@deepo.prosa.dk>, freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions Message-ID: <Pine.BSF.3.96.980419161203.18223G-100000@trojanhorse.pr.watson.org> In-Reply-To: <19980419130711.01465@hydrogen.nike.efn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 Apr 1998, John-Mark Gurney wrote: > you know, there is a security hole in the /etc/rc scripts... > > inetd is run before the /etc/rc scripts are finished, which means that > there is a [significant] amount of time where inetd is started but the > machine hasn't raised the securelevel of the system... this can be > compounded if you have atalk on the system as it will take a while to > start up making the window all that much larger... My feeling was that the secure level needed to be raised before a number of the daemons start to prevent any racing conditions, and hence having a number of securelevels, gradually increasing the restrictions on the system as possible during the boot process (i.e., as soon as ipfw is configured correctly, disallow modification of ipfw settings, etc). Would using multiple rc scripts be desirable, or should we just have... rc: ... (trusted daemons) # bump securelevel sysctl -w kern.securelevel=2 ... (less trusted daemons) # bump securelevel sysctl -w kern.securelevel=3 ... (least trusted daemons) And so on. Robert N Watson ---- Carnegie Mellon University http://www.cmu.edu/ Trusted Information Systems http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980419161203.18223G-100000>