Date: Fri, 17 Sep 1999 13:43:43 -0500 From: "Matthew D. Fuller" <fullermd@futuresouth.com> To: Brett Glass <brett@lariat.org> Cc: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, Liam Slusser <liam@tiora.net>, Kenny Drobnack <kdrobnac@mission.mvnc.edu>, security@FreeBSD.ORG Subject: Re: Securing a system that's been rooted remotely (Was: BPF on in 3.3-RC GENERIC kernel) Message-ID: <19990917134343.P16305@futuresouth.com> In-Reply-To: <4.2.0.58.19990916232349.047c27a0@localhost>; from Brett Glass on Thu, Sep 16, 1999 at 11:25:05PM -0600 References: <4.2.0.58.19990916185341.00aaf100@localhost> <Pine.SOL.3.96L.990916210821.19993A-100000@unix8.andrew.cmu .edu> <4.2.0.58.19990916232349.047c27a0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 16, 1999 at 11:25:05PM -0600, a little birdie told me that Brett Glass remarked > > securelevel=2 and above disables LKMs, IIRC. I can't imagine anyone who would need and use a high securelevel like that, and still run a GENERIC kernel. If they do, then their worldview would seem to be slightly skewed. I run a custom (2.1.5-REL) kernel on musca, which is a 386 SX/20. It took 6 hours to compile. On mortis (4.0-CURRENT) a kernel takes approx. 2 minutes to compile. This is not a major time investment. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ FutureSouth Communications | ISPHelp ISP Consulting "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990917134343.P16305>