Subject: Re: solving various bug reports...
To: None <darrenr@cyber.com.au>
From: Mike Long <mikel@shore.net>
List: tech-security
Date: 06/27/1997 13:41:37
>From: Darren Reed <darrenr@cyber.com.au>
>Date: Fri, 27 Jun 1997 19:26:06 +1000 (EST)
>
>In some mail I received from Andrew Brown, sie wrote
>[...]
>> okay, assuming your threat model (which is much more *insidious* than
>> mine :), would the idea of inetd directly after date in /etc/rc be
>> better (then all /etc/rc has to do is exit) or would it actually be
>> more palatable to have init start the first instance of inetd after
>> it's finished mucking with the securelevel?
>
>If I may be bold for a moment, if we had an inittab and run levels, we'd
>define the transition from (say) 3 to 4 to be "going multiuser and increase
>securelevel if appropriate" and then start inetd at run level 4.

I hope you're wearing a hard hat.

I think a far simpler, and hence better, solution would be to have
init run a separate /etc/rc.secure script after increasing the
securelevel.

While we're at it, we could have init run /etc/rc.shutdown when making
the transition from multi- to single-user.

Comments?
-- 
Mike Long <mikel@shore.net>                http://www.shore.net/~mikel
"Every normal man must be tempted at times to spit on his hands,
hoist the black flag, and begin slitting throats." -- H.L. Mencken