Date: Tue, 25 Mar 2003 14:07:20 +0100 From: Marko Kuntic <mkuntic@mioc.hr> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/50273: securelevel granularity Message-ID: <E18xo9A-00043G-00@zagreb.mioc.hr>
next in thread | raw e-mail | index | archive | help
>Number: 50273 >Category: kern >Synopsis: securelevel granularity >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Mar 25 05:10:11 PST 2003 >Closed-Date: >Last-Modified: >Originator: Marko Kuntic >Release: FreeBSD 5.0-RELEASE-p6 i386 >Organization: XV. gimnazija >Environment: System: FreeBSD 5.0-RELEASE-p6 i386 >Description: Securelevels consist of different security measures lumped together. A more useful approach would be to enable the administrator to set various measures individually; for example, one may wish not to allow modules to be loaded or unloaded, but at the same time allow the immutable flag to be unset from files. The existing mechanism makes such differentiation impossible. >How-To-Repeat: >Fix: Instead of providing securelevels, provide ON/OFF switches for individual security measures, or, at least, provide these switches within the context of existing securelevels. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E18xo9A-00043G-00>