Date: Wed, 20 Dec 2000 17:40:56 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Mark Zielinski <markz@2cactus.com> Cc: Kris Kennaway <kris@FreeBSD.ORG>, Alfred Perlstein <bright@wintelcom.net>, cjclark@alum.mit.edu, freebsd-security@FreeBSD.ORG Subject: Re: Read-Only Filesystems Message-ID: <20001220174056.C22288@citusc.usc.edu> In-Reply-To: <3A40BED3.1070909@2cactus.com>; from markz@2cactus.com on Wed, Dec 20, 2000 at 02:14:43PM %2B0000 References: <20001219114936.A23819@rfx-64-6-211-149.users.reflexco> <20001219120953.S19572@fw.wintelcom.net> <20001219211642.D13474@citusc.usc.edu> <3A40BED3.1070909@2cactus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--XMCwj5IQnwKtuyBG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Dec 20, 2000 at 02:14:43PM +0000, Mark Zielinski wrote: > This is a attack that we fixed in SecureBSD by not allowing > filesystems to be un-mounted and re-mounted back in May of 1999. > We added security checks to the mount() and unmount() system calls > based upon a MIB called securebsd.options.mount which could be > turned on or off depending upon your securelevel setting. The argument is that securelevel is fundamentally flawed and fairly useless as a security feature, unless you treat every system reboot (expected or not) as a potential compromise. Kris --XMCwj5IQnwKtuyBG Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QV+nWry0BWjoQKURAguTAJ4nuC/3p4s5PlhPWdlpgVsRWWJZ0gCg7tH3 Ov/N9O5lNq+yNeE+Y8Isbag= =sUiM -----END PGP SIGNATURE----- --XMCwj5IQnwKtuyBG-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001220174056.C22288>