Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 07 Sep 1999 14:00:16 +0900
From:      KATO Takenori <kato@ganko.eps.nagoya-u.ac.jp>
To:        dillon@apollo.backplane.com
Cc:        gjb-freebsd@gba.oz.au, des@flood.ping.uio.no, kato@ganko.eps.nagoya-u.ac.jp, bde@zeta.org.au, freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject:   Re: Init(8) cannot decrease securelevel 
Message-ID:  <19990907140016E.kato@gneiss.eps.nagoya-u.ac.jp>
In-Reply-To: Your message of "Mon, 6 Sep 1999 21:20:55 -0700 (PDT)" <199909070420.VAA77483@apollo.backplane.com>
References:  <199909070420.VAA77483@apollo.backplane.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon <dillon@apollo.backplane.com> wrote:

>    I disagree quite strongly.  DDB provides a mechanism to allow a
>    sysadmin to obtain a greater amount of information from a panic
>    situation then he could get otherwise.  Being able to obtain this
>    information does not run counter to running with a raised securelevel.
> 
>    If the system winds up in a state where a kernel core cannot be
>    generated, DDB is the only way to figure out what is going on.  
>    securelevel is a mechanism which attempts to guarentee data security,
>    at least to a degree.  These two items do not clash.

If console works and crackers can use it, protecting securelevel from
DDB does not provide enough security.  Though securelevel cannot be
changed,

	(1) Turn off power.
	(2) Boot as single-user mode.
	(3) Do what crackers want.

or

	(1) Turn off power.
	(2) Remove HDD.
	(3) Mount on another FreeBSD box.
	(4) Edit a file in the HDD.
	(5) Return HDD.
	(6) Reboot.

is available.

-----------------------------------------------+--------------------------+
KATO Takenori <kato@ganko.eps.nagoya-u.ac.jp>  |        FreeBSD           |
Dept. Earth Planet. Sci, Nagoya Univ.          |    The power to serve!   |
Nagoya, 464-8602, Japan                        |  http://www.FreeBSD.org/ |
++++ FreeBSD(98) 3.2:   Rev. 01 available!     |http://www.jp.FreeBSD.org/|
++++ FreeBSD(98) 2.2.8: Rev. 02 available!     +==========================+


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990907140016E.kato>