Subject: Re: kern/1967: securelevel should be patchable
To: None <firstname.lastname@example.org>
From: None <Havard.Eidnes@runit.sintef.no>
Date: 02/11/1996 14:12:09
> Wait, there's more, I think:
> There's potentially a big lag between when inetd is started and
> when securelevel 1 is set. Isn't this a window big enough to
> drive a truck through? Extrapolate to taste for other daemons
> that get started in single user mode and take input from the
> net (eg mountd/nfsd).
> No amount of immutable bits will save us from this one - these
> daemons can't become active until securelevel is set to 1.
Isn't this something you could relatively easily fix with a call
to "sysctl -w kern.securelevel=1" placed at the appropriate spot
in the startup process?