Mark <[EMAIL PROTECTED]> writes: > I would like to push my securelevel up to 1 in order to better enforce > my security policy (protecting chflags, kernel modules etc) but this > of course would break Xorg as it requires access to /dev/io. I've > heard that it's possible to run Xorg via xdm whilst the system is > booting at securelevel 0 and have the securelevel raised afterwards, > effectively allowing X to live in a securelevel > 0 environment.
Sure. I don't bother for my own machines, because I'm very careful about authentication methods, but it's certainly > How painful is this to implement? Am I likely to run into any > major problems? It's trivial to implement, and will work fine. If I remember correctly, setting the securelevel by the normal rc.conf method and enabling xdm from ttys(5) should do it. > I've also heard that it's possible to remove the SUID bit from X > by using xdm, but that's probably for another thread... Yep, completely different topic. It's true that it's possible, but if you're in a raised securelevel, it's also not going to gain you much. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
