Date: Fri, 14 Apr 2023 08:46:22 -0700 From: Carl Johnson <carlj@peak.org> To: freebsd-questions@freebsd.org Subject: Re: filesystem labels? Message-ID: <86y1mu8o1d.fsf@bay.localnet> In-Reply-To: <20230414084139.8b2d91dc.freebsd@edvax.de> (Polytropon's message of "Fri, 14 Apr 2023 08:41:39 %2B0200") References: <A150BA2A-0669-4079-9978-44805FD4E851@gushi.org> <20230413111708.62d8c8d3.freebsd@edvax.de> <82C015E0-71B9-4189-AA84-71219CA14E73@gushi.org> <20230414084139.8b2d91dc.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Polytropon <freebsd@edvax.de> writes: > > NB: Dealing with gpart partition creation and destruction > sometimes requires you to set > > # sysctl kern.geom.debugflags=16 > > in order to override some security mechanisms which could > interfere with what you're intending. But don't ask me where > this has been properly documented... ;-) That is somewhat documented in the geom(4) manpage. That is covered as: 0x10 (allow foot shooting) Allow writing to Rank 1 providers. This would, for example, allow the super-user to overwrite the MBR on the root disk or write random sectors elsewhere to a mounted disk. The implications are obvious. There are settings for bits 0x01 - 0x80. -- Carl Johnson carlj@peak.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86y1mu8o1d.fsf>