From owner-freebsd-security  Fri Sep 17 13:12:35 1999
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id B0BBB14D68
	for <security@FreeBSD.ORG>; Fri, 17 Sep 1999 13:12:21 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id OAA82766;
	Fri, 17 Sep 1999 14:12:20 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id OAA04817; Fri, 17 Sep 1999 14:11:18 -0600 (MDT)
Message-Id: <199909172011.OAA04817@harmony.village.org>
To: Brett Glass <brett@lariat.org>
Subject: Re: Securing a system that's been rooted remotely (Was: BPF on in 3.3-RC GENERIC kernel) 
Cc: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>,
	Liam Slusser <liam@tiora.net>,
	Kenny Drobnack <kdrobnac@mission.mvnc.edu>, security@FreeBSD.ORG
In-reply-to: Your message of "Thu, 16 Sep 1999 23:25:05 MDT."
		<4.2.0.58.19990916232349.047c27a0@localhost> 
References: <4.2.0.58.19990916232349.047c27a0@localhost>  <4.2.0.58.19990916185341.00aaf100@localhost> 
Date: Fri, 17 Sep 1999 14:11:18 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <4.2.0.58.19990916232349.047c27a0@localhost> Brett Glass writes:
: securelevel=2 and above disables LKMs, IIRC.

except during the boot process...  root is allowed to reboot...

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message