From owner-freebsd-security Sun Jun 20 9: 4: 2 1999
Delivered-To: freebsd-security@freebsd.org
Received: from ns1.yes.no (ns1.yes.no [195.204.136.10])
	by hub.freebsd.org (Postfix) with ESMTP id 494B414C8B
	for ; Sun, 20 Jun 1999 09:03:57 -0700 (PDT)
	(envelope-from eivind@bitbox.follo.net)
Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218])
	by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id SAA15236;
	Sun, 20 Jun 1999 18:03:57 +0200 (CEST)
Received: (from eivind@localhost)
	by bitbox.follo.net (8.8.8/8.8.6) id SAA77396;
	Sun, 20 Jun 1999 18:03:56 +0200 (MET DST)
Date: Sun, 20 Jun 1999 18:03:56 +0200
From: Eivind Eklund
To: Frank Tobin
Cc: FreeBSD-security Mailing List
Subject: Re: proposed secure-level 4 patch
Message-ID: <19990620180356.J63035@bitbox.follo.net>
References:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.1i
In-Reply-To: ; from Frank Tobin on Sat, Jun 19, 1999 at 12:56:19AM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, Jun 19, 1999 at 12:56:19AM -0500, Frank Tobin wrote:
> Okay, a good friend of mine Kris Wehner has written a patch to implement
> the proposed securelevel of 4, which would disallow the opening of
> secure ports (<1024) while in the securelevel of 4. The patch is against
> 3.2-STABLE kernel, as of within 12 hours. I'd like to hear more comments
> before I send it as a send-pr. The patch is attached.

I think using securelevel 4 for this is a bad idea. I believe the right
thing to do with securelevels is to start splitting them into a set of
different sysctls, where each individual feature can be turned off.

It is convenient to have a set of sysctls you can use to "turn off
everything" (like securelevel does today). However, to apply a "full
securelevel" to a box is difficult; the ability to throw away single
capabilities could be very useful.

Eivind.