Subject: Re: cloning loopback and security [was Re: CVS commit: src/sys ]
To: Jonathan Stone <email@example.com>
From: James Chacon <jmc@NetBSD.org>
Date: 12/09/2004 15:16:41
On Thu, Dec 09, 2004 at 01:05:30PM -0800, Jonathan Stone wrote:
> >If we're gonna do that, then the logic would
> >assume we'd be doing that for all dynamic type variables done today via
> >sysctl and the movement has been away from that. A sysctl is "good enough"
> >as it can be controlled directly at startup time and then move security
> >level up to whatever point you want. [...]
> Except if you ever want to upgrade, then you may need to lower
> securelevel. That can get ... exceedingly tricky.
But you can't lower security level today. If you wanna upgrade it, reboot
and leave it at a lower security level (i.e. boot from cdrom if need be).
Obviously nothing we do can solve the physical access problem.