Date: Thu, 20 Jan 2005 19:32:01 -0800 From: Andrew Konstantinov <andrei@kableu.com> To: freebsd-stable@freebsd.org Subject: secure level 2 unable to modify pf rules Message-ID: <20050121033201.GA81807@warrior.kableu.com>
next in thread | raw e-mail | index | archive | help
--Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, The manual page for securelevel says that secure level 3 provides the same functionality as secure level 2 plus the protection of pf/ipf/ipfw against modification. Since pf/ipf/ipfw protection is an addition, I assume that it should not be present with secure level 2. For some reason that's not the reality. gater# id uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator) gater# uname -rs FreeBSD 5.3-RELEASE-p5 gater# sysctl kern.securelevel kern.securelevel: 2 gater# pfctl -F all pfctl: pfctl_clear_rules: Operation not permitted gater# Is there a bug in the documentation or in the implementation of secure level? Or perhaps, did I misinterpret something? Thanks in advance, Andrew --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB8Hexg+6MtxSjexcRAtowAKCmoTEt5PtPHh96zdea6/HxFe/zYwCeI+kp C4LFfe9yHCRgCmISL9vrELQ= =gTa9 -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050121033201.GA81807>