Subject: Re: solving various bug reports...
To: Andrew Brown <codewarrior@daemon.org>
From: Todd Vierling <tv@pobox.com>
List: tech-security
Date: 06/27/1997 10:51:11
On Fri, 27 Jun 1997, Andrew Brown wrote:

: okay, assuming your threat model (which is much more *insidous* than
: mine :), would the idead of inetd directly after date in /etc/rc be
: better (then all /etc/rc has to do is exit) or would it actually be
: more palatable to have init start the first instance of inetd after
: it's finished mucking with the securelevel?

Reading all this thread, one possibility came to mind.  At the end of rc,
why not just deliberately increase the securelevel with sysctl and then run
inetd?  Better yet, have securelevel raised before rc.local?  Init doesn't
have to do that job outright; it can just "ensure" that securelevel == 1 at
the end of rc.

=====
== Todd Vierling (Personal tv@pobox.com; Business tv@iag.net) Foo-bar-baz! ==
== System administrator/technician, Internet Access Group, Orlando Florida ==
== Dialups in Orange, Volusia, Lake, Osceola counties - http://www.iag.net ==