Subject: Re: [ADVISORY] 4.4BSD Securelevels (fwd)
To: None <tech-security@NetBSD.ORG, current-users@NetBSD.ORG>
From: Andrew Brown <codewarrior@daemon.org>
List: tech-security
Date: 06/26/1997 00:11:56
>> A vulnerability in the 4.4BSD process filesystem allows arbitrary
>> processes to lower the system securelevel, subverting security measures
>> that rely on this setting. This problem can affect the filesystem
>> "immutable" flag, and may allow intruders to modify the running kernel.

should we also consider that if you can get console access to a
machine that has ddb in the kernel, it's trivial to set the
securelevel to something arbitrary?

-- 
|-----< "CODE WARRIOR" >-----|
andrew@echonyc.com (TheMan)        * "ah!  i see you have the internet
codewarrior@daemon.org                               that goes *ping*!"
warfare@graffiti.com      * "information is power -- share the wealth."