Subject: Re: [ADVISORY] 4.4BSD Securelevels (fwd)
To: None <tech-security@NetBSD.ORG, current-users@NetBSD.ORG>
From: Andrew Brown <email@example.com>
Date: 06/26/1997 00:11:56
>> A vulnerability in the 4.4BSD process filesystem allows arbitrary
>> processes to lower the system securelevel, subverting security measures
>> that rely on this setting. This problem can affects the filesystem
>> "immutable" flag, and may allow intruders to modify the running kernel.
should we also consider that if you can get console access to a
machine that has ddb in the kernel, it's trivial to set the
securelevel to something arbitrary?
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org (TheMan) * "ah! i see you have the internet
email@example.com that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."