Subject: Re: solving various bug reports...
To: Andrew Brown <codewarrior@daemon.org>
From: Perry E. Metzger <perry@piermont.com>
List: tech-security
Date: 06/27/1997 14:57:29
Andrew Brown writes:
> okay, assuming your threat model (which is much more *insidious* than
> mine :), would the idea of inetd directly after date in /etc/rc be
> better (then all /etc/rc has to do is exit) or would it actually be
> more palatable to have init start the first instance of inetd after
> it's finished mucking with the securelevel?

Frankly, there are way too many things that might have to be launched
at rc time that talk to the net for this to be reasonable. inetd is
only one of them.

I prefer the idea of jacking up the secure level from 0 to 1 during rc
running iff securelevel > -1 (i.e. run insecure) and moving all
programs that need to run at securelevel 0 (like modloads and such) to
before the switch.

Perry