From owner-freebsd-security Fri Sep 17 15: 1:10 1999 Delivered-To: freebsd-security@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 3FA461516E for ; Fri, 17 Sep 1999 15:01:07 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id QAA15233; Fri, 17 Sep 1999 16:00:18 -0600 (MDT) Message-Id: <4.2.0.58.19990917155850.047bd680@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Fri, 17 Sep 1999 16:00:14 -0600 To: "Matthew D. Fuller" From: Brett Glass Subject: Re: Securing a system that's been rooted remotely (Was: BPF on in 3.3-RC GENERIC kernel) Cc: "Harry M. Leitzell" , Liam Slusser , Kenny Drobnack , security@FreeBSD.ORG In-Reply-To: <19990917134343.P16305@futuresouth.com> References: <4.2.0.58.19990916232349.047c27a0@localhost> <4.2.0.58.19990916185341.00aaf100@localhost> <4.2.0.58.19990916232349.047c27a0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:43 PM 9/17/99 -0500, Matthew D. Fuller wrote: >I can't imagine anyone who would need and use a high securelevel like >that, and still run a GENERIC kernel. If they do, then their worldview >would seem to be slightly skewed. I run a custom (2.1.5-REL) kernel on >musca, which is a 386 SX/20. It took 6 hours to compile. On mortis >(4.0-CURRENT) a kernel takes approx. 2 minutes to compile. This is not a >major time investment. If securelevel isn't set high, a hacker can switch you BACK to the generic kernel with a few keystrokes. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message