netbsd-bugs: Re: kern/1967: securelevel should be patchable

Subject: Re: kern/1967: securelevel should be patchable
To: James da Silva <jds@cs.umd.edu>
From: Matthieu Herrb <matthieu@laas.fr>
List: netbsd-bugs
Date: 01/23/1996 23:25:16

You wrote (in your message from Tue 23)
 >  Jason Thorpe <thorpej@nas.nasa.gov>:
 >  > > I imagine that the current practice of putting it in the bss was done 
 >  > > specifically to prevent what you'd like to be able to do :-)
 > 
 >  Gordon Ross <gwr@mc.com>:
 >  > Perhaps, but that's a false security.
 >  > If I can modify the kernel, i'm in!
 > 
 > Yes!  Securelevel can be patched with a trivial program even when originally
 > in bss.  The kernel needs to be immutable to avoid this.

And so need the 'rc' scripts. If you can modify them, you can load a
LKM that patches securelevel or otherwise defeats it (like the i386
XFree86 aperture driver that I wrote...). 

I've allways thought that really enabling the 'securelevel 1' feature
is too constraining for the average users.


					Matthieu