Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 28 Jul 1999 09:38:20 -0600
From:      Nate Williams <nate@mt.sri.com>
To:        Henk van Oers <hvoers@anp.nl>
Cc:        "Brian F. Feldman" <green@FreeBSD.ORG>, Nate Williams <nate@mt.sri.com>, Joe Greco <jgreco@ns.sol.net>, hackers@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG
Subject:   Re: securelevel and ipfw zero
Message-ID:  <199907281538.JAA01258@mt.sri.com>
In-Reply-To: <Pine.QNX4.4.02.9907281643190.13890-100000@ns.anp.nl>
References:  <Pine.BSF.4.10.9907280217180.71863-100000@janus.syracuse.net> <Pine.QNX4.4.02.9907281643190.13890-100000@ns.anp.nl>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> And then ... securelevel == 3 I think it is better NOT to permit
> 'sysctl -w', 'ipfw *' AND a logging limmit, just process the logfile
> faster to avoid DoS

The real issue we are dealing with is what happens at securelevel == 3.
What you are saying is that people shouldn't be allowed to modify
*anything* at securelevel == 3, correct?



Nate


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?199907281538.JAA01258>