Subject: kern/1967: securelevel should be patchable
To: None <gnats-bugs@gnats.netbsd.org>
From: John Hawkinson <jhawk@mit.edu>
List: netbsd-bugs
Date: 01/22/1996 01:23:22
>Number: 1967
>Category: kern
>Synopsis: securelevel should be patchable
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people (Kernel Bug People)
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Mon Jan 22 01:50:01 1996
>Last-Modified:
>Originator: John Hawkinson
>Organization:
MIT SIPB
>Release: Mon Jan 22 01:19:42 EST 1996
>Environment:
System: NetBSD lola-granola 1.1A NetBSD 1.1A (LOLA) #143: Sat Jan 13 01:51:04 EST 1996 mycroft@lola-granola:/afs/sipb.mit.edu/project/netbsd/dev/current-source/build/i386_nbsd1/sys/arch/i386/compile/LOLA i386
>Description:
kern_sysctl declares securelevel without initializing it to zero
if INSECURE is not defined. This means that it gets allocated out
of the bss and is thus not patchable.
Lately a number of users in our environment have been requesting
specialized kernels and it's generally more efficient and less time-
consuming to patch our existing distribution kernels rather than
recompile. Unfortunately, for those who require INSECURE, this is
nottrivial.
Some may make the argument that securelevel should not be patchable
for just this reason. The counter argument is that such people should
mark their kernels immutable, and consider adding options SECURE
which reverts the declaration to its current state.
>How-To-Repeat:
echo "set securelevel=-1" | gdb -k -w /netbsd
>Fix:
*** kern_sysctl.c.dist Mon Jan 22 01:18:07 1996
--- kern_sysctl.c Mon Jan 22 01:18:27 1996
***************
*** 188,194 ****
#ifdef INSECURE
int securelevel = -1;
#else
! int securelevel;
#endif
/*
--- 188,194 ----
#ifdef INSECURE
int securelevel = -1;
#else
! int securelevel = 0;
#endif
/*
>Audit-Trail:
>Unformatted: