Re: gpart destroy, zpool destroy, zfs destroy under securelevel 3
On 29.05.2014 12:56, Vladimir Sharun wrote:
> Hello,
>
>> if you have root privileges you can just write some random bytes in some
>> places and this will be enough to break your system. So, restricting
>> some gpart's or zpool's actions depending on securelevel looks like
>> protection from kids.
>
> Having root under securelevel 3 confirmed disallows you to:
> 1) Direct write to the block devices such as (a)da
> 2) Change rules and/or shutdown pf
> 3) Remove system flags such as schg, sunlnk
>
> I think your statement is true in case of securelevel -1, we're talking about
> the highest one - 3, which is shown in logs.

Ok, you are right. But geom_dev restricts access only from user level applications. When GEOM object does access directly via GEOM methods this protection won't work. And it seems it isn't easy to fix, all classes should have their own check.

--
WBR, Andrey V. Elsukov
Re: gpart destroy, zpool destroy, zfs destroy under securelevel 3
On 26.05.2014 17:31, Vladimir Sharun wrote:
> Hello FreeBSD community,
>
> Recently plays with securelevel and what I discover: no chance for
> data to survive against remote root, except backups of course. Maybe
> this log can be a proposal for raising securelevel further or include
> securelevel support against the software which can deal with zfs and
> GEOM labels ?

Hi,

if you have root privileges you can just write some random bytes in some places and this will be enough to break your system. So, restricting some gpart's or zpool's actions depending on securelevel looks like protection from kids.

--
WBR, Andrey V. Elsukov

___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"