From owner-freebsd-security  Tue Jun 29  0:40:58 1999
Delivered-To: freebsd-security@freebsd.org
Received: from beach.silcom.com (beach.silcom.com [199.201.128.19])
	by hub.freebsd.org (Postfix) with ESMTP id E954415383
	for <security@FreeBSD.ORG>; Tue, 29 Jun 1999 00:40:29 -0700 (PDT)
	(envelope-from brian@CSUA.Berkeley.EDU)
Received: from smarter.than.nu (pm0-21.vpop1.avtel.net [207.71.237.21])
	by beach.silcom.com (Postfix) with ESMTP
	id 665F794E; Tue, 29 Jun 1999 00:39:40 -0700 (PDT)
Date: Tue, 29 Jun 1999 00:39:09 -0700 (PDT)
From: "Brian W. Buchanan" <brian@CSUA.Berkeley.EDU>
X-Sender: brian@smarter.than.nu
To: "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>
Cc: security@FreeBSD.ORG
Subject: Re: ssh from windows
In-Reply-To: <Pine.SO4.4.05.9906290827060.2031-100000@nenya>
Message-ID: <Pine.BSF.4.05.9906290036260.78068-100000@smarter.than.nu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 29 Jun 1999, Vladimir Mencl, MK, susSED wrote:

>    BTW, is there any way of limiting attaching to system processes at
> higher securelevels? I was thinking about attaching to init (because
> "init can lower securelevel"), but I received a "permission denied" at
> securelevel 2, and a signal 11 at securelevel -1 ???? I don't know why,
> I received it not only in 'gdb `which init` 1', but also in a later
> 'gdb `which gdb` gdb.core'    ... is init protected against debugging 
> in a special way?

Yes, init cannot be attached to by a debugger when securelevel > 0.  This
change was made a good while back after I pointed out that it was possible
to lower the securelevel by this method.  I believe that the kernel was
also later changed to not allow the securelevel to be lowered by any
process, period.  I don't think it should be causing gdb to crash, though.

-- 
Brian Buchanan                                     brian@CSUA.Berkeley.EDU
--------------------------------------------------------------------------
FreeBSD - The Power to Serve!                       http://www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message