> > > I like the ability at secure level 3 to only reset the counters forward.. > > > It fits in with such things as the "append only" flag. > > > > Then we'd have to implement per-rule counters that default to > > IPFW_VERBOSE_LIMIT but that could be changed to anything. That's a very > > different setup than what we currently have. > > > > (Another thing I just thought of is that this could cause DoS attacks on > > the system if a user compromised root and then set the limit to a very > > high number.) > > This is already possible via sysctl, the VERBOSE_LIMIT variable may be > altered. Can this be altered in securelevel==3? Nate To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
- Re: securelevel and ipfw zero Brian F. Feldman
- Re: securelevel and ipfw zero Matthew Dillon
- Re: securelevel and ipfw zero Brian F. Feldman
- Re: securelevel and ipfw zero Matthew Dillon
- Re: securelevel and ipfw zero Brian F. Feldman
- Re: securelevel and ipfw zero Julian Elischer
- Re: securelevel and ipfw zero Nate Williams
- Re: securelevel and ipfw zero Achim Patzner
- Re: securelevel and ipfw zero Nate Williams
- Re: securelevel and ipfw zero Joe Greco
- Re: securelevel and ipfw zero Nate Williams
- Re: securelevel and ipfw zero Joe Greco
- Re: securelevel and ipfw zero Matthew Dillon
- securelevel too course-grained? Sheldon Hearn
- Re: securelevel too course-grained? Matthew Dillon
- Re: securelevel too course-grained? Warner Losh
- Re: securelevel and ipfw zero Mike Pritchard
- Re: securelevel and ipfw zero Matthew Dillon
- Re: securelevel and ipfw zero Nate Williams
- Re: securelevel and ipfw zero Matthew Dillon
- Re: securelevel and ipfw zero Nate Williams
