From owner-freebsd-hackers@FreeBSD.ORG  Sun Jun 29 04:47:10 2008
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A2A7D106564A
	for <hackers@freebsd.org>; Sun, 29 Jun 2008 04:47:10 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by mx1.freebsd.org (Postfix) with ESMTP id 6E8588FC0C
	for <hackers@freebsd.org>; Sun, 29 Jun 2008 04:47:10 +0000 (UTC)
	(envelope-from dan@dan.emsphone.com)
Received: from dan.emsphone.com (smmsp@localhost [127.0.0.1])
	by dan.emsphone.com (8.14.3/8.14.2) with ESMTP id m5T4l9f4076241
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <hackers@freebsd.org>; Sat, 28 Jun 2008 23:47:09 -0500 (CDT)
	(envelope-from dan@dan.emsphone.com)
Received: (from dan@localhost)
	by dan.emsphone.com (8.14.3/8.14.2/Submit) id m5T4l9rg076240;
	Sat, 28 Jun 2008 23:47:09 -0500 (CDT) (envelope-from dan)
Date: Sat, 28 Jun 2008 23:47:09 -0500
From: Dan Nelson <dnelson@allantgroup.com>
To: Ivaylo Mateev <mateev@cns-consulting.org>
Message-ID: <20080629044709.GA76555@dan.emsphone.com>
References: <200806290313.21720.mateev@cns-consulting.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200806290313.21720.mateev@cns-consulting.org>
X-OS: FreeBSD 7.0-STABLE
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: hackers@freebsd.org
Subject: Re: Securelevels
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Jun 2008 04:47:10 -0000

In the last episode (Jun 29), Ivaylo Mateev said:
> I think I found a bug.
> 
> [strato@darkstar /usr/home/strato]$ sudo sysctl kern.securelevel
> kern.securelevel: 2
> [strato@darkstar /usr/home/strato]$ kgdb
> kgdb: /dev/mem: Permission denied
> [strato@darkstar /usr/home/strato]$ sudo kgdb
> [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: 
> Undefined symbol "ps_pglobal_lookup"]
> GNU gdb 6.1.1 [FreeBSD]
> 
> I am running in securelevel 2. That means nithing can have direct access 
> to /dev/mem, acording to man security:
> 
> 1 Secure mode - the system immutable and system append-only flags may
>   not be turned off; disks for mounted file systems, /dev/mem and
>   /dev/kmem may not be opened for writing; /dev/io (if your platform
>   has it) may not be opened at all; kernel modules (see kld(4)) may
>   not be loaded or unloaded.
> 
> 2 Highly secure mode - same as secure mode, plus disks may not be
>   opened for writing (except by mount(2)) whether mounted or not.
>   This level precludes tampering with file systems by unmounting
>   them, but also inhibits running newfs(8) while the system is multi-
>   user.

# truss kgdb < /dev/null |& grep /dev/mem
open("/dev/mem",O_RDONLY,00)                     = 4 (0x4)
#

Read-only opens of /dev/mem are allowed.  "kgdb -w" should fail,
however.

-- 
	Dan Nelson
	dnelson@allantgroup.com