| Subject: | Re: securelevel (was: Re: security hole in FreeBSD) | |
|---|---|---|
| From: | Brian Buchanan (bri...@thought.res.cmu.edu) | |
| Date: | Jul 28, 1997 6:24:35 pm | |
| List: | org.freebsd.freebsd-security | |
On Mon, 28 Jul 1997, Vincent Poy wrote:

> On Mon, 28 Jul 1997, Brian Buchanan wrote:
>
> =)Uh, that would defeat the purpose of securelevel. It's not supposed to be
> =)possible to ever lower it, except when dropping into single-user mode, and
> =)even allowing init to do so in that instance is risky IMHO - a few months
> =)ago I reported a hole, which I believe was fixed, that made it possible to
> =)lower the securelevel by attaching a debugger to init. Even though that's
> =)plugged now, it's still possible that there's another way to fool the
> =)kernel into thinking that process 1 is requesting that securelevel be
> =)lowered.
>
> Anything is possible since nothing is unhackable. Would running init at securelevel 2 and then have it reboot multi-user at a lower level be possible?

That defeats it just the same. The attacker breaks in, reboots the system into multi-user with securelevel 0, removes schg flags, alters init, the kernel, /bin/login, whatever, kills the logs, raises securelevel back to 2 to cover his tracks. Allowing the securelevel to be lowered and the system to return to multi-user mode without operator confirmation is a bad thing - it completely defeats its purpose. If it's not possible to do maintenance at the local console, it's probably best not to use securelevel.
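
The argument in the message above, as a small C model added here (it is not code from the post or from FreeBSD): it replays the sequence described under the existing rule and under the proposed lower-on-reboot rule. The struct, the function names, the `lower_on_reboot` switch and pid 4242 are assumptions made for illustration, and the strict case assumes that boot reapplies the configured level.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the securelevel rules discussed above; not FreeBSD source. */
struct host {
    int  securelevel;      /* models kern.securelevel */
    bool schg_set;         /* schg flag on one protected file, e.g. /bin/login */
    bool lower_on_reboot;  /* hypothetical policy: unattended reboot may lower the level */
};

/* Raising is allowed; lowering is refused unless the caller is init (pid 1). */
static int set_securelevel(struct host *h, int pid, int level)
{
    if (level < h->securelevel && pid != 1)
        return EPERM;
    h->securelevel = level;
    return 0;
}

/* The schg flag cannot be cleared while securelevel is above 0. */
static int clear_schg(struct host *h)
{
    if (h->securelevel > 0)
        return EPERM;
    h->schg_set = false;
    return 0;
}

/* Unattended reboot to multi-user: the strict policy reapplies the configured level. */
static void reboot_multiuser(struct host *h, int requested, int configured)
{
    h->securelevel = h->lower_on_reboot ? requested : configured;
}

/* Replays the message's sequence as a non-init root process (constructed pid 4242);
   true means the flag is gone although the level reads 2 again afterwards. */
static bool tamper_hidden(bool lower_on_reboot)
{
    struct host h = { 2, true, lower_on_reboot };
    reboot_multiuser(&h, 0, 2);
    (void)clear_schg(&h);
    (void)set_securelevel(&h, 4242, 2);
    return h.securelevel == 2 && !h.schg_set;
}

int main(void)
{
    printf("strict: %d, lower-on-reboot: %d\n", tamper_hidden(false), tamper_hidden(true));
    return 0;
}
```

In the lower-on-reboot case the final securelevel is 2 in both runs, so the level alone says nothing about whether the protected file still carries its flag.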





