Re: Kernel-loadable Root Kits
From: Tom Rhodes (trhodes_at_FreeBSD.org)
Date: 09/30/04
- Previous message: Crist J. Clark: "Re: Kernel-loadable Root Kits"
- In reply to: David Schultz: "Re: Kernel-loadable Root Kits"
- Next in thread: Crist J. Clark: "Re: Kernel-loadable Root Kits"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 21:03:18 -0400 To: David Schultz <das@FreeBSD.org>
On Wed, 29 Sep 2004 19:50:29 -0400
David Schultz <das@freebsd.org> wrote:
> On Wed, Sep 29, 2004, David Pick wrote:
> > 6) securelevel *is* a great thing but sysadmins are tied to the
> > hierarchy of levels chosen by the project, and one size does *not*
> > fit all. As a more general mechanism I would suggest that there
> > is a kernel-build option for *each* facility that can be locked
> > by securelevel, which geves the level at which that facility
> > becomes locked.
>
> Great idea. See mac(4).
And don't forget to read the <shameless plug>MAC</shameless plug>
chapter in the FreeBSD Handbook. :)
-- Tom Rhodes _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Crist J. Clark: "Re: Kernel-loadable Root Kits"
- In reply to: David Schultz: "Re: Kernel-loadable Root Kits"
- Next in thread: Crist J. Clark: "Re: Kernel-loadable Root Kits"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
