> On 1/26/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > I agree with your assessment - but disallowing mounts in securelevel 2
> > fixes the most obvious attack (that anybody with even a little UNIX
>
> no, it fixes nothing. root can alter processes' memory. you gain
> *nothing* by prevent
From: Joachim Schipper [mailto:[EMAIL PROTECTED]
> Yes, and root can do quite a few other nasty things as well.
> Where did I
> say this was something completely new? Where did I say that
> it fixed the
> problem?
>
> It does two things:
> 1. It makes a single avenue of attack ('the most o
On Thu, Jan 26, 2006 at 03:12:07PM -0800, Ted Unangst wrote:
> On 1/26/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > I agree with your assessment - but disallowing mounts in securelevel 2
> > fixes the most obvious attack (that anybody with even a little UNIX
>
> no, it fixes nothing. root
On 1/26/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> I agree with your assessment - but disallowing mounts in securelevel 2
> fixes the most obvious attack (that anybody with even a little UNIX
no, it fixes nothing. root can alter processes' memory. you gain
*nothing* by preventing mount.
On Thu, Jan 26, 2006 at 05:55:22PM +0100, Henning Brauer wrote:
> * Joachim Schipper <[EMAIL PROTECTED]> [2006-01-26 15:26]:
> > You might want to read a little about the recent polemic surrounding
> > securelevels. Basically, they work, but files that are supposed to be
> > unchangeable can be mad
* Joachim Schipper <[EMAIL PROTECTED]> [2006-01-26 15:26]:
> You might want to read a little about the recent polemic surrounding
> securelevels. Basically, they work, but files that are supposed to be
> unchangeable can be made inaccessible by (transparently?) mounting a
> filesystem on top. This
On Thu, Jan 26, 2006 at 01:31:04AM -0500, [EMAIL PROTECTED] wrote:
> On Thursday, January 26, 2006, at 00:53AM, Ted Unangst <[EMAIL PROTECTED]>
> wrote:
>
> >On 1/25/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> >> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
> >> For wh
On Thursday, January 26, 2006, at 00:20AM, Peter Valchev <[EMAIL PROTECTED]>
wrote:
>> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
>> For whatever reason I forgot that securelevel was set to 2, but
>> 'make build' is running alright at the moment.
>
>Did you have a problem w
On Thursday, January 26, 2006, at 00:53AM, Ted Unangst <[EMAIL PROTECTED]>
wrote:
>On 1/25/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
>> For whatever reason I forgot that securelevel was set to 2, but
>> 'make build' is ru
On 1/25/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
> For whatever reason I forgot that securelevel was set to 2, but
> 'make build' is running alright at the moment.
>
> Can I also compile ports with securelevel set to 2? Do
> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
> For whatever reason I forgot that securelevel was set to 2, but
> 'make build' is running alright at the moment.
Did you have a problem with 3.9-beta that you want to report?
Otherwise who knows, you'll probably have the same pr
11 matches
Mail list logo
