Subject: Re: security sysctl? (was: r/o filesystem restrictions for firewall?)
To: Allen Briggs <email@example.com>
From: Greywolf <firstname.lastname@example.org>
Date: 10/24/2000 14:50:40
On Tue, 24 Oct 2000, Allen Briggs wrote:
# Downgrading from highly secure mode to insecure mode (that is, to
# single-user mode) always requires the root password to be entered
# on the console, whether the console is marked as 'secure' in
# /etc/ttys or not.
I think it's time we looked at a securemode thing as a set of flags instead
of a number; I wouldn't mind having all of securemode 2 enabled less this
particular bit, but there's apparently no way to do this short of hacking
on the kernel on my box.
Also, I didn't see anything in there which mentioned, specifically,
locking the sysctl base, which is something that I noticed Jon (and
But, on the other hand, upon thinking about this, the format which would
be necessary for being able to tweak things ultimately ends up looking
like a Windoesn't registry.
*BSD: Tap The Power.