Subject: Re: security sysctl? (was: r/o filesystem restrictions for firewall?)
To: None <tech-security@netbsd.org, tech-kern@netbsd.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 10/25/2000 23:09:51
On Wed, Oct 25, 2000 at 09:14:11PM -0400, jchacon@genuity.net wrote:
> Does securelevel 2 prevent you from mounting any new devices as well?
> 
> i.e. can I vnconfig and mount that file?

You know, this discussion is rather frustrating to me because all of the
relevant details are pretty well documented.  I quote the init(8) manual
page:

     2     Highly secure mode - same as secure mode, plus disks are always
           read-only whether mounted or not, new disks may not be mounted, and
           existing mounts may only be downgraded from read-write to
           read-only.  This level precludes tampering with filesystems by
           unmounting them, but also inhibits running newfs(8) while the
           system is multi-user.

           The settimeofday(2) system call can only advance the time.

           The state of ipf(8) (the in-kernel IP filtering facility) may not
           be changed.

           Users may not change the per-process core name template format,
           only the default can be changed.

           Downgrading from highly secure mode to insecure mode (that is, to
           single-user mode) always requires the root password to be entered
           on the console, whether the console is marked as 'secure' in
           /etc/ttys or not.