Date:      Mon, 11 Mar 2002 11:55:56 -0800
From:      "Jeff Jirsa" <jjirsa@hmc.edu>
To:        <freebsd-hackers@freebsd.org>
Subject:   logging securelevel violations
Message-ID:  <002001c1c936$c25ff4d0$5e3bad86@boredom>

I've noticed that currently, violations of securelevel are aborted, but not
typically logged. It seems like in addition to aborting whichever calls are
in progress, logging an error might be beneficial. I recognize that this
goes along the same lines as logging file permission errors, but if a file
is marked immutable, the implicit value of the file should suggest that one
might want to be able to audit attempted changes to that file.

A case in point: /usr/src/sys/kern/kern_linker.c (4.5 STABLE):

int
linker_load_file(const char* filename, linker_file_t* result)
{
    ...
    /* Refuse to load modules if securelevel raised */
    if (securelevel > 0)
        return EPERM;
.....

Would the following not work?

int
linker_load_file(const char* filename, linker_file_t* result)
{
    ...
    /* Refuse to load modules if securelevel raised */
    if (securelevel > 0)
    {
        log(LOG_ERR, "Unable to load module %s: securelevel violation \n",
            filename);
        return EPERM;
    }
...

So, my questions are: Why shouldn't it be done? What simple problems am I
overlooking? (Would such a contribution have a chance of making it into
5.0?)

- Jeff

=================
Jeff Jirsa
jjirsa@hmc.edu
=================

