Subject: Re: The reason for securelevel
To: Steven M. Bellovin <firstname.lastname@example.org>
From: Gilbert Fernandes <email@example.com>
Date: 01/28/2006 12:28:20
> I wasn't suggesting per-process knobs, which is why I said it wasn't a
> direct analogy. The hard part is figuring out what all these different
> bits should be, especially if you want them orthogonal. I cited the
> SGI example to show just how many different things you might want to
> lock down.
Could we have a single "securelevel" option, that would be either 1 or 0.
When it's set to 1 it would parse a configuration file that lists what
happens when the machine gets "locked down". We could have a default file
with some "knobs" turned on, and other turned off. So people could continue
to use "securelevel" to lock down some aspects of their operating system,
and give the freedom to administrators to edit the config file (in
/etc/securelevel.conf for example) and make the lock down be more precise,
or customised for their needs.
This would give us flexibility while keeping a single userlevel knob :)
unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ;
fsck ; umount ; sleep