> I'm sure this topic has been discussed to death in core, arch
> and stable. But this 'kernel_securelevel' has got to be
> amoung the screwyist ideas to date.
Do you have a better one? If so, I'm sure many people would like to
hear about it. I agree that securelevel is imperfect to say the
least, but knowledge of what it can and cannot do may help you stop an
attacker (albeit, a not-so-bright one, but most attackers fall in this
category) from completely trashing your system. The only apparent
downside is that it may provide a false sense of security to those who
don't know what it is, but that's more a result of lack of
documentation or user education than a fault of the implementation.
> Note: Flames to me will hit /dev/null
>From the magnitude of the thread on OpenBSD's mailing lists about ssh
being evil (yes, the one you started), I'd say you are quite incapable
of piping flames (which this message is not) to /dev/null. No
pun/offense/whatever intended. I'm just expressing my opinion.
Regards
Dima Dorfman
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message
