On Fri, 8 Sep 2000, Vivek Khera wrote:
> >>>>> "BE" == Bruce Evans <[EMAIL PROTECTED]> writes:
> BE> revision 1.9
> BE> holes. People maintaining a machine with higher security requirements
> BE> need to be on the console anyway, so there's no point in not forcing
> BE> them to reboot before starting maintenance.
> That last sentence makes me think that the person who decided this
> does not use a network to update that machine, i.e. NFS mounting
> /usr/src. It is a royal PITA to get networking up and going after a
> single-user reboot to get out of secure level.
He would probably say that using NFS is inconsistent with being secure.
If you only use NFS for updating the machine, then the PITA for securing
it then may be larger than the PITA for starting networking.
> Perhaps one of the secure level restrictions should be that you cannot
> attach to pid 1 via the debugger.
This was implemented at about the same time as rev.1.9.
> Does the kernel have an idea of single user mode or is that purely a
> user space thing? Perhaps the kernel could drop the restrictions when
> in single user mode itself.
It's almost pure user space.