Subject: Re: solving various bug reports...
To: None <darrenr@cyber.com.au>
From: Mike Long <mikel@shore.net>
List: tech-security
Date: 06/26/1997 12:41:27
>From: Darren Reed <darrenr@cyber.com.au>
>Date: Thu, 26 Jun 1997 17:48:28 +1000 (EST)

>> PR 1323 highlights that inetd(8) and other programs are run from
>> /etc/rc before securelevel is raised. Therefore, it is possible for
>> users to get into a system before securelevel is raised.
>> 
>> This is a complicated issue, and probably deserves its own thread.
>> No idea on how to solve it.
>
>How about adding a loop to inetd that checks if the securelevel is 0
>and if so, waits until it becomes > 0 ?  This is based on the theory
>that securelevel is only 0 during booting and the eventual multiuser
>value for securelevel > 0 whilst allowing it to start if secureleve is -1.

This won't work.  If inetd dies after the system has gone multiuser
and you restart it, the restarted inetd will never accept connections.
-- 
Mike Long <mikel@shore.net>                http://www.shore.net/~mikel
"Every normal man must be tempted at times to spit on his hands,
hoist the black flag, and begin slitting throats." -- H.L. Mencken