Re: [ADVISORY] 4.4BSD Securelevels

Thomas H. Ptacek (tqbf@enteract.com)
Thu, 26 Jun 1997 12:09:50 -0500

> If this secure_level is to prevent certain attacks as root, what stops
> root (or someone breaking in with root) from modifying the init
> binary, and rebooting to install it, or even having the modified code
> just get demand paged in?

The filesystem immutable flag.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"