Subject: Re: i386 IO access and chroot()
To: matthew green <>
From: gabriel rosenkoetter <>
List: tech-security
Date: 07/17/2001 10:33:54
On Sat, Jul 14, 2001 at 07:02:54AM +1000, matthew green wrote:
>    With == 1 you can play tricks with mount points and chroot(2).
> with 1 you can probably write to the raw disk to modify swap outed
> processes, among other things.  this case is boring.
>    With == 2 it is difficult.
> this case is much more interesting.  i don't believe's possible.

Considering our default install boots only to secure level 1, I
don't see that case as particularly boring.

Sure, if you or I were hardening a system, we'd probably actively
set the kernel secure level to 2, but what about the average user
who decides it's a good idea to run, say, Postfix or BIND in a

There are good reasons the documentation for both of these pieces of
software recommend telling them to run as non-root users, especially
as there is no need for either of these (or, really, any daemon I
can think of off-hand that does no user authentication) to run as
root after they've bound to a reserved port.

       ~ g r @