From owner-freebsd-security Wed Sep 15 19:14:26 1999 Delivered-To: freebsd-security@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 23EEA14A26 for ; Wed, 15 Sep 1999 19:14:23 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id UAA22490; Wed, 15 Sep 1999 20:14:10 -0600 (MDT) Message-Id: <4.2.0.58.19990915200910.048dba50@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Wed, 15 Sep 1999 20:12:54 -0600 To: Darren Reed From: Brett Glass Subject: Re: BPF on in 3.3-RC GENERIC kernel Cc: Harry_M_Leitzell@cmu.edu, security@FreeBSD.ORG In-Reply-To: <199909152321.JAA12988@cheops.anu.edu.au> References: <4.2.0.58.19990915170025.048d0b00@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 09:21 AM 9/16/99 +1000, Darren Reed wrote: >If the machine is rooted, you're fucked anyway, unless it's so wired >down with things using file flags that you can't even use vi any more. Well, setting securelevel and making certain key files, like the kernel, immutable helps immensely. Say, there's a thought. Would it be possible to make a high security level "lock down" BPF? Or would it be possible to disable it via a kernel config option? One could run the kernel configuration utility to enable or disable it at boot. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message