From: Christian Weisgerber (naddy_at_mips.rhein-neckar.de)
Date: 21. Mar 2000
Mark Seuffert (Pirates) <captain_at_pirate.de> wrote:
> Much more secure would be a kernel feature such that one could start
> NO programs/scripts from devices that are NOT mounted read-only.
You can mount arbitrary filesystems with »-o noexec«. Which, as
Raphael has already noted, is fairly meaningless if there are
interpreters on the machine.
You want BSD securelevel.
--------------------------------------------------------------->
The kernel runs with four different levels of security. Any
super-user process can raise the security level, but no process
can lower it. The security levels are:

0   Insecure mode - immutable and append-only flags may be turned
    off. All devices may be read or written subject to their
    permissions.

1   Secure mode - the system immutable and system append-only
    flags may not be turned off; disks for mounted filesystems,
    /dev/mem, and /dev/kmem may not be opened for writing.

2   Highly secure mode - same as secure mode, plus disks may not
    be opened for writing (except by mount(2)) whether mounted
    or not. This level precludes tampering with filesystems by
    unmounting them, but also inhibits running newfs(8) while
    the system is multi-user. In addition, kernel time changes
    are restricted to less than or equal to one second. Attempts
    to change the time by more than this will log the message
    ``Time adjustment clamped to +1 second''.

3   Network secure mode - same as highly secure mode, plus IP
    packet filter rules (see ipfw(8) and ipfirewall(4)) cannot
    be changed and dummynet(4) configuration cannot be adjusted.
<---------------------------------------------------------------
(From the FreeBSD init(8) man page.)
-- Christian "naddy" Weisgerber naddy_at_mips.rhein-neckar.de
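
An added example, not part of the original post: a small audit that lists the filesystems the quoted proposal is about, i.e. those mounted writable and without »noexec«. It assumes FreeBSD-style mount(8) output ("device on /mountpoint (opt, opt, ...)"); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report mount points that are both writable and executable.
# Assumes FreeBSD-style mount(8) lines: "<dev> on <mountpoint> (<opt>, <opt>, ...)".

audit_mounts() {
    # Reads mount(8) output on stdin, prints one mount point per finding.
    while IFS= read -r line; do
        case "$line" in
            *" on "*" ("*")") ;;          # looks like a mount line
            *) continue ;;                # skip anything else
        esac
        opts=${line##*\(}                 # text after the last "("
        opts=", ${opts%\)*},"             # drop ")" and delimit every option
        rest=${line#* on }                # strip "<dev> on "
        mnt=${rest% \(*}                  # strip " (<options>)"
        case "$opts" in *", read-only,"*) continue ;; esac
        case "$opts" in *", noexec,"*)    continue ;; esac
        printf '%s\n' "$mnt"
    done
}

sample_mounts() {
    # Constructed sample input, not taken from a real system.
    cat <<'EOF'
/dev/ad0s1a on / (ufs, local, soft-updates)
/dev/ad0s1e on /tmp (ufs, local, noexec, nosuid)
/dev/ad0s1f on /usr (ufs, local, read-only)
/dev/ad0s1g on /home (ufs, local, soft-updates)
EOF
}

sample_mounts | audit_mounts
```

On a live system the input would be `mount | audit_mounts`. As the reply points out, a clean result here still says nothing about files run through an interpreter.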