-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Doesn't securelevel completely mitigate this even for root users anyway, if set? Setting securelevel denies raw access to disk devices and kmem in this way does it not?
- -- Craig Edwards Dan Lukes wrote: > Colin Percival napsal/wrote: >>> A user in the "operator" group can read the contents of kernel memory. >>> Such memory might contain sensitive information, such as portions of >>> the file cache or terminal buffers. This information might be directly >>> useful, or it might be leveraged to obtain elevated privileges in some >>> way; for example, a terminal buffer might include a user-entered >>> password. - -- OpenPGP Key ID: 0x49B959F7 "Better to reign in Hell than to serve in Heaven" -- Milton -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFdwdqCd57Ikm5WfcRAmx9AKDCtIqEj5lREwepRoFfcnMJNGwixQCfQ3WI c34CNp+R5Zsgl/PyE32Qr0c= =lRB+ -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
