Date: Sun, 6 Oct 1996 21:32:19 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, michaelh@cet.co.jp Cc: current@freebsd.org Subject: Re: secure level diffs to kern_mib.c, LINT Message-ID: <199610061132.VAA25153@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>What changes would be necessary to *guarantee* that the system increments >securelevel to 1, *before* any deamons are started? Set the securelevel to 1 in the kernel or use sysctl to set it before starting any daemons :-), e.g. by booting with -s or setting it near the start of /etc/rc. Setting it to 0 in the kernel doesn't do this - then /etc/rc is run in single-user mode at securelevel 0, as it must to write to disks, and daemons are started at securelevel 0 and any disk writing permissions that they gain live across changes to securelevel. >I'm less concerned with putting securelevel=2 in rc, because this is just >locking another deadbolt and isn't as critical as the transition from 0 to >1. Actually, securelevel 1 is normally so insecure that it shouldn't be used. It essentially only provides write protection of /dev/mem and /dev/kmem. The write protection on mounted disks is worthless becauses there are lots of aliases. Even plain BSD has a whole disk partition, and FreeBSD has lots of slices and SCSI control devices. Perhaps this can be worked around by deleting the aliases. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610061132.VAA25153>