minor issues with TCB

To: netbsd-users%NetBSD.org@localhost
Subject: minor issues with TCB
From: Alexander Nasonov <alnsn%yandex.ru@localhost>
Date: Wed, 5 Jul 2017 22:58:31 +0100

TCB (Trusted Computing Base) is a technique for locking down your
system with securelevel and immutable files. It's documented in
secmodel_securelevel(9).

I recently played with it and I had some minor issues which I'd like
to report:

- secmodel_securelevel.9 is in comp.tgz which isn't always available on
  a server,
- restore(8) complains about immutable hard links (e.g. when /netbsd and
  /onetbsd are two hardlinks of the same kernel),
- daily mail sends me errors:

cp: /var/backups//etc/ssh/ssh_config.current: Operation not permitted
ci: /var/backups//etc/ssh/ssh_config.current: Operation not permitted
co: /var/backups//etc/ssh/ssh_config.current: Operation not permitted
co: see /var/backups//etc/ssh/_1WS1s8D
chown: /var/backups//etc/ssh/ssh_config.current: Operation not permitted

--
Alex

Prev by Date: Re: [NetBSD 8.0_BETA] Panic on amd64
Next by Date: Re: [NetBSD 8.0_BETA] Panic on amd64
Previous by Thread: [NetBSD 8.0_BETA] Panic on amd64
Next by Thread: NetBSD 8.0-BETA hangs at boot at xHCI (so does netbsd-7)
Indexes:

Home | Main Index | Thread Index | Old Index