Author: obrien
Date: Mon Jul 2 08:21:15 2012
New Revision: 237979
URL: http://svn.freebsd.org/changeset/base/237979
Log:
MFC: r228475 & r228487: Disallow various debug.kdb sysctl's when securelevel
is raised.
PR: 161350
Modified:
stable/9/sys/kern/kern_shutdown.c
Directory Properties:
stable/9/ (props changed)
stable/9/sys/ (props changed)
Modified: stable/9/sys/kern/kern_shutdown.c
==============================================================================
--- stable/9/sys/kern/kern_shutdown.c Mon Jul 2 08:09:07 2012
(r237978)
+++ stable/9/sys/kern/kern_shutdown.c Mon Jul 2 08:21:15 2012
(r237979)
@@ -100,8 +100,9 @@ int debugger_on_panic = 0;
#else
int debugger_on_panic = 1;
#endif
-SYSCTL_INT(_debug, OID_AUTO, debugger_on_panic, CTLFLAG_RW | CTLFLAG_TUN,
- &debugger_on_panic, 0, "Run debugger on kernel panic");
+SYSCTL_INT(_debug, OID_AUTO, debugger_on_panic,
+ CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_TUN,
+ &debugger_on_panic, 0, "Run debugger on kernel panic");
TUNABLE_INT("debug.debugger_on_panic", &debugger_on_panic);
#ifdef KDB_TRACE
@@ -109,8 +110,9 @@ static int trace_on_panic = 1;
#else
static int trace_on_panic = 0;
#endif
-SYSCTL_INT(_debug, OID_AUTO, trace_on_panic, CTLFLAG_RW | CTLFLAG_TUN,
- &trace_on_panic, 0, "Print stack trace on kernel panic");
+SYSCTL_INT(_debug, OID_AUTO, trace_on_panic,
+ CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_TUN,
+ &trace_on_panic, 0, "Print stack trace on kernel panic");
TUNABLE_INT("debug.trace_on_panic", &trace_on_panic);
#endif /* KDB */
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
