Date: Sun, 9 Jul 2000 12:07:05 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: Adam <bsdx@looksharp.net> Cc: arch@FreeBSD.ORG Subject: Re: making the snoop device loadable. Message-ID: <20000709120705.Q25571@fw.wintelcom.net> In-Reply-To: <Pine.BSF.4.21.0007091453481.407-100000@turtle.looksharp.net>; from bsdx@looksharp.net on Sun, Jul 09, 2000 at 02:57:02PM -0400 References: <17526.963166640@critter.freebsd.dk> <Pine.BSF.4.21.0007091453481.407-100000@turtle.looksharp.net>
next in thread | previous in thread | raw e-mail | index | archive | help
* Adam <bsdx@looksharp.net> [000709 11:57] wrote: > On Sun, 9 Jul 2000, Poul-Henning Kamp wrote: > > >In message <Pine.BSF.4.21.0007091411480.407-100000@turtle.looksharp.net>, Adam > >writes: > >>On Sun, 9 Jul 2000, Poul-Henning Kamp wrote: > >> > >>> > >>>>If this change goes in, what do you do if you wish not to have snooping > >>>>capable through the snp device and do not wish to lock unneccessary parts > >>>>of the system down with securelevel? > >>> > >>>You do the same as before: Hold on tight to your root password. > >> > >>I dont like kernel changes that make the kernel do less babysitting and me > >>more. Tough, I guess. > > > >You have always needed to babysit your root password. > > Ok, I give in to the argument. I would just like to make a wish. On Jan > 24 1999 peter took the NO_LKM option out of LINT. I assume the support > for it in other files was removed around that time also. Could someone > implement a NO_KLD option so you dont need to use securelevel > 0 so > people have an obvious option and dont have to know the kernel well enough > to hack syscalls.master? More security through obscurity when /dev/mem and /dev/kmem are accessable. Bite the bullet and up your securelevel! -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000709120705.Q25571>