Date: Fri, 15 Jun 2001 06:23:06 +0200 From: Erik Trulsson <ertr1013@student.uu.se> To: dmp <dmp@pantherdragon.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Can still mount/umount with kern.securelevel=2? Message-ID: <20010615062305.A79476@student.uu.se> In-Reply-To: <3B298B4E.25759FA5@pantherdragon.org>; from dmp@pantherdragon.org on Thu, Jun 14, 2001 at 09:13:02PM -0700 References: <3B298B4E.25759FA5@pantherdragon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 14, 2001 at 09:13:02PM -0700, dmp wrote:
> I have a 4.3-R machine running at securelevel 2, and I can still mount
> and umount volumes. I thought securelevel 2 was supposed to prevent
> this?
You thought wrong. :-) Looking at the descriptions of the various
securelevels in the manpage for init(8) it seems that mount/umount is
allowed at all secure-levels.
The notes for securelvel2 says:
2 Highly secure mode - same as secure mode, plus disks may not be
opened for writing (except by mount(2)) whether mounted or not.
This level precludes tampering with filesystems by unmounting them,
but also inhibits running newfs(8) while the system is multi-user.
Note that comment about mount(2). What it means is that under
securelevel 2 you cannot access the raw disk device itself. You can
mount a disk and access it through the filesystem but not in any other
way.
--
<Insert your favourite quote here.>
Erik Trulsson
ertr1013@student.uu.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010615062305.A79476>