Re: Init(8) cannot decrease securelevel

KATO Takenori Tue, 7 Sep 1999 02:40:23 -0700 (PDT) (envelope-from kato@ganko.eps.nagoya-u.ac.jp)

Dag-Erling Smorgrav <d...@flood.ping.uio.no> wrote:

> That's an excellent idea - it shouldn't be too hard to add a kernel
> option (say, DDB_RESTRICTED) and #ifndef the "dangerous" commands.


To achieve both higher security and kenel hackers convenience, I'd
submit following idea:

  - If securelevel > 1, DDB is in restricted mode.
  - If securelevel > 1 and an option is defined, DDB is in powerful
    mode.
  - If securelvel < 1, DDB is in powerful mode.

-----------------------------------------------+--------------------------+
KATO Takenori <k...@ganko.eps.nagoya-u.ac.jp>  |        FreeBSD           |
Dept. Earth Planet. Sci, Nagoya Univ.          |    The power to serve!   |
Nagoya, 464-8602, Japan                        |  http://www.FreeBSD.org/ |
++++ FreeBSD(98) 3.2:   Rev. 01 available!     |http://www.jp.FreeBSD.org/|
++++ FreeBSD(98) 2.2.8: Rev. 02 available!     +==========================+


To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message

Re: Init(8) cannot decrease securelevel

Reply via email to