Re: [ADVISORY] 4.4BSD Securelevels

Thomas H. Ptacek (tqbf@enteract.com)
Thu, 26 Jun 1997 12:09:50 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "Security hole affects many cvs pserver installations"
Previous message: Trevor Schroeder: "Problem in dxterm (ULTRIX)"
Maybe in reply to: Thomas H. Ptacek: "[ADVISORY] 4.4BSD Securelevels"
Next in thread: Howie Kaye: "Re: [ADVISORY] 4.4BSD Securelevels"

> If this secure_level is to prevent certain attacks as root, what stops
> root (or someone breaking in with root) from modifying the init
> binary, and rebooting to install it, or even having the modified code
> just get demand paged in?

The filesystem immutable flag.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"

Next message: Aleph One: "Security hole affects many cvs pserver installations"
Previous message: Trevor Schroeder: "Problem in dxterm (ULTRIX)"
Maybe in reply to: Thomas H. Ptacek: "[ADVISORY] 4.4BSD Securelevels"
Next in thread: Howie Kaye: "Re: [ADVISORY] 4.4BSD Securelevels"