Subject: Re: Another changer, another changer problem
To: NetBSD-current Discussion List <firstname.lastname@example.org>
From: Curt Sampson <email@example.com>
Date: 10/08/1998 19:44:11
On Thu, 8 Oct 1998, Greg A. Woods wrote:
> Unless you prevent root from killing processes then a rogue root's going
> to be able to emulate single user mode anyway -- the only difference is
> they'll have to crack the securelevel settings to get very far.
And just how do they do that?
> So long
> as the only way to change securelevel is to raise it (which is the only
> sane way it can be implemented safely) then the rogue root still has to
> go through a reboot() call....
Well, when you make that change to NetBSD, let me know. At this
time, init can lower the securelevel.
> See? My console reassignment trick hasn't thwarted you in the least...
Not on your imaginary NetBSD system, no. Unfortunately, it has on
the system on downloaded from ftp.netbsd.org.
Curt Sampson <firstname.lastname@example.org> 604-257-9400 De gustibus, aut bene aut nihil.
Any opinions expressed are mine and mine alone.
The most widely ported operating system in the world: http://www.netbsd.org