OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: security sysctl? (was: r/o filesystem restrictions for firewall?)
From: Allen Briggs (briggsninthwonder.com)
Date: Tue Oct 24 2000 - 14:01:25 CDT

On Tue, Oct 24, 2000 at 01:45:06PM -0400, Jon Lindgren wrote:
> Then I definitely don't know exactly what securelevel 2 is. Is there a
> spot to read up on exactly what it does and what it affects?

init(8):

     2 Highly secure mode - same as secure mode, plus disks are always
           read-only whether mounted or not, new disks may not be mounted, and
           existing mounts may only be downgraded from read-write to read-on-
           ly. This level precludes tampering with filesystems by unmounting
           them, but also inhibits running newfs(8) while the system is multi-
           user.

           The settimeofday(2) system call can only advance the time.

           The state of ipf(8) (the in-kernel IP filtering facility) may not
           be changed.

           Downgrading from highly secure mode to insecure mode (that is, to
           single-user mode) always requires the root password to be entered
           on the console, whether the console is marked as 'secure' in
           /etc/ttys or not.

-allen