Subject: Re: i386 IO access and chroot()
To: matthew green <mrg@eterna.com.au>
From: gabriel rosenkoetter <gr@eclipsed.net>
List: tech-security
Date: 07/17/2001 10:33:54
On Sat, Jul 14, 2001 at 07:02:54AM +1000, matthew green wrote:
>    
>    With == 1 you can play tricks with mount points and chroot(2).
> 
> with 1 you can probably write to the raw disk to modify swapped-out
> processes, among other things.  this case is boring.
> 
>    With == 2 it is difficult.
> 
> this case is much more interesting.  i don't believe it's possible.

Considering our default install boots only to secure level 1, I
don't see that case as particularly boring.

Sure, if you or I were hardening a system, we'd probably actively
set the kernel secure level to 2, but what about the average user
who decides it's a good idea to run, say, Postfix or BIND in a
chroot?

There are good reasons the documentation for both of these pieces of
software recommends telling them to run as non-root users, especially
as there is no need for either of these (or, really, any daemon I
can think of off-hand that does no user authentication) to run as
root after they've bound to a reserved port.

-- 
       ~ g r @ eclipsed.net
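The bind-then-drop-root sequence the post recommends for a chrooted daemon, as an added C example (not code from this thread or from Postfix/BIND); the loopback address, the optional chroot directory, and the fallback uid/gid 65534 are assumptions.

```c
#define _GNU_SOURCE
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <grp.h>
#include <string.h>

/* Pick a non-root target identity: the caller's own uid/gid, or 65534
   ("nobody" on many systems; an assumption) when we are already root. */
uid_t unprivileged_uid(void) { uid_t u = getuid(); return u ? u : 65534; }
gid_t unprivileged_gid(void) { gid_t g = getgid(); return g ? g : 65534; }

/* Bind a listening TCP socket to 127.0.0.1:port while still privileged.
   Port 0 lets the kernel choose, so the function also works unprivileged. */
static int bind_listen(unsigned short port) {
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) != 0 || listen(fd, 16) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Bind first (the only step that needs root for a reserved port), then
   confine with chroot if a directory is given, then give up root for good.
   Order matters: supplementary groups and gid before uid, and verify that
   root cannot be regained. Returns the listening fd, or -1 on any failure. */
int serve_unprivileged(unsigned short port, const char *root, uid_t uid, gid_t gid) {
    int fd = bind_listen(port);
    if (fd < 0) return -1;
    if (root && (chroot(root) != 0 || chdir("/") != 0)) goto fail; /* chdir so cwd is inside */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) goto fail;  /* root-only call */
    if (setgid(gid) != 0 || setuid(uid) != 0) goto fail;
    if (setuid(0) == 0) goto fail;      /* root came back: the drop was not permanent */
    if (getuid() != uid || geteuid() != uid) goto fail;
    return fd;
fail:
    close(fd);
    return -1;
}
```

A real daemon would call this once at startup and then only ever run its request loop on the returned fd as the unprivileged user.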