Subject: Re: secure modes...?
To: Thor Lancelot Simon <>
From: Greywolf <>
List: current-users
Date: 09/09/2000 13:19:09
On Sat, 9 Sep 2000, Thor Lancelot Simon wrote:

# You're right -- disklabel operations, as well as operations on partitions
# which overlap mounted partitions, should be prohibited (or, more precisely,
# *because* disklabel operations are operations on a partition which overlaps
# a mounted partition, they should be prohibited at securelevel 1).

I look at it this way:  You should be permitted to change things which
do not affect mounted partitions.  Of course, changing the geometry
of the disk should be prohibited if anything is mounted.

# Unfortunately, when I proposed this change there were a large number of
# objections.  That's why there's a securelevel 2.

Does init just decrement the securelevel, or does it roll it back to
zero in single-user mode?  (If the former, then running at securelevel 2
is really screwed since you then can't do anything useful in single-user

# Thor

If anyone requests a reason as to why Windows NT is inferior to UNIX,
refer them to the process scheduler, for starters.  Of course, users
don't care, and programmers try not to, even though they both should.
If that fails, reiterate that remote administration and control of a
node is a *good* thing, especially if network security is concerned.