Date: Fri, 5 Oct 2001 10:08:32 +0100 From: Rasputin <rasputin@submonkey.net> To: security@freebsd.org Subject: Re: Kernel-loadable Root Kits Message-ID: <20011005100832.A547@shikima.mine.nu> In-Reply-To: <20011004173535.0A2DE3B19D@gemini.nersc.gov>; from dart@nersc.gov on Thu, Oct 04, 2001 at 10:35:34AM -0700 References: <20011004023034.U8391@blossom.cjclark.org> <20011004173535.0A2DE3B19D@gemini.nersc.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
* Eli Dart <dart@nersc.gov> [011004 19:30]: > > In reply to "Crist J. Clark" <cristjc@earthlink.net> : > > [snip] > > > Have fun. Unless there is outpouring from people who love the idea, > > I'm not going to commit these to FreeBSD. > > Please consider this as part of an outpouring of support from people > who love the idea. "me too". Isn't this fairly common among the other BSDs as well? An alternative to securelevel is sometimes useful, and KLDs are a fairly well-known attack method against *BSD. I don't see any harm in adding it as an option - it's doesn't have to (definitely shouldn't be) the default, of course. > I don't always have the option of running a box > in securelevel 1, and I would like to have this knob available, even > though it doesn't fix the problem all the way. Something similar > used to exist in FreeBSD 3.x -- I was sorry when it went away. > > --eli -- Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011005100832.A547>