From owner-freebsd-security  Sat Jun 13 05:19:38 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id FAA11187
          for freebsd-security-outgoing; Sat, 13 Jun 1998 05:19:38 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA11181
          for <security@FreeBSD.ORG>; Sat, 13 Jun 1998 05:19:33 -0700 (PDT)
          (envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199806131219.FAA11181@hub.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA076260349; Sat, 13 Jun 1998 22:19:09 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: bsd securelevel patch question
To: dima@best.net
Date: Sat, 13 Jun 1998 22:19:09 +1000 (EST)
Cc: jayrich@room101.sysc.com, security@FreeBSD.ORG
In-Reply-To: <199806130357.UAA06923@burka.rdy.com> from "Dima Ruban" at Jun 12, 98 08:57:10 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Dima Ruban, sie said:
> 
> Jay Richmond writes:
> > Hello,
> > 
> > Just wondering if we should expect an official patch for the securelevel
> > problem that's affecting all the BSD's, or if the one provided in the
> > recent exploit is being recommended?
> 
> According to Thomas Ptacek, this is not exactly a bug, and after thinking some
> more about it, I kinda agree with him. (Feature, not a bug)

Given it is exploitable, whether or not it is a feature, is irrelevant.
It permits the protection intended by securelevel over /dev/kmem to be
bypassed, reducing the overall security of the system.

Darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message