Date: Thu, 8 Aug 1996 07:38:59 +1000 From: Bruce Evans <bde@zeta.org.au> To: jds@TracerTech.COM, michaelh@cet.co.jp Cc: Hackers@FreeBSD.ORG Subject: Re: kern_mib.c:int securelevel = -1; Message-ID: <199608072138.HAA05066@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
> > #ifdef INSECURE > > int securelevel = -1 > > #else > > int securelevel > > #endif > > > > Here's the a comment from <sys/systm.h> ... >By the way, the comment is wrong on one important point: the disposition of >this variable in bss vs data will be irrelevant to a cracker. If the >kernel is not immutable, the variable can be patched either way. Not quite. The point is to patch the kernel that will be booted from. However if the kernel is not immutable, a cracker could patch some of the code that tests the variable. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608072138.HAA05066>