Date: Sat, 13 Jun 1998 23:03:30 -0700 (PDT) From: dima@best.net (Dima Ruban) To: avalon@coombs.anu.edu.au (Darren Reed) Cc: dima@best.net, jayrich@room101.sysc.com, security@FreeBSD.ORG Subject: Re: bsd securelevel patch question Message-ID: <199806140603.XAA25570@burka.rdy.com> In-Reply-To: <199806131219.FAA15482@flea.best.net> from Darren Reed at "Jun 13, 98 10:19:09 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Darren Reed writes:
> In some mail from Dima Ruban, sie said:
> >
> > Jay Richmond writes:
> > > Hello,
> > >
> > > Just wondering if we should expect an official patch for the securelevel
> > > problem that's affecting all the BSD's, or if the one provided in the
> > > recent exploit is being recommended?
> >
> > According to Thomas Ptacek, this is not exactly a bug, and after thinking some
> > more about it, I kinda agree with him. (Feature, not a bug)
>
> Given it is exploitable, whether or not it is a feature, is irrelevant.
> It permits the protection intended by securelevel over /dev/kmem to be
> bypassed, reducing the overall security of the system.
Hmm, this is not exactly bypassing a protection, you know.
Mainly because this protection is simply not targeted for this.
1 Secure mode - the system immutable and system append-only flags may
not be turned off; disks for mounted filesystems, /dev/mem, and
/dev/kmem may not be opened for writing.
(this is from man init)
I don't see exactly how it violates anything.
>
> Darren
>
-- dima
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806140603.XAA25570>