Question about securelevel
roberto at redix.it
Wed Feb 11 05:12:54 PST 2004
I want to discuss securelevel and whether it's a good or bad thing.
Now, I do not need help to get it working (but never say never ...).
I'll try to explain my idea.
Suppose I'm trying to set up a packet-filtering firewall based on FreeBSD,
and I want to harden it (I heard about TrustedBSD, but here I want to
speak about securelevel).
I made the assumption that the console (of my BSD) is in a safe place, so
I can exclude any hack from it. It should be the only place where the
administrator can access the O.S. with securelevel disabled (i.e.=0, by
means of a single user mode).
In normal conditions, the O.S. is running at securelevel=3, so:
- kernel modules cannot be loaded or unloaded;
- packet filtering rules cannot be altered;
- /dev/mem and kmem cannot be written;
- immutable and sys flags cannot be turned off;
In addition (this is my idea), suppose the root filesystem is configured
read-only and there is no way to change this (remount it rw) when
securelevel is == 3.
Could this configuration be considered secure, in your opinion?
Are there any weaknesses of securelevel still present?
Any comments are welcome...
Regards,
Roberto
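
A check of the posture described in the message above (securelevel at 3, root filesystem read-only), as an added example that is not part of the original post. The function name `check_posture` and the sample mount table are constructed for illustration; on a FreeBSD host the two inputs would come from `sysctl -n kern.securelevel` and `mount -p`.

```sh
#!/bin/sh
# Added example: audit the configuration described in the post.
# check_posture LEVEL MOUNT_TABLE
#   LEVEL        value printed by `sysctl -n kern.securelevel`
#   MOUNT_TABLE  output of `mount -p` (fstab layout: dev mountpoint type opts dump pass)
# Prints one finding per line and returns 0 only if every check passes.
check_posture() {
    level=$1
    table=$2
    rc=0

    case $level in
        ''|*[!0-9-]*)
            echo "FAIL securelevel: unreadable value '$level'"; rc=1 ;;
        *)
            if [ "$level" -ge 3 ]; then
                echo "OK   securelevel=$level"
            else
                echo "FAIL securelevel=$level (post expects 3)"; rc=1
            fi ;;
    esac

    # Mount options of the filesystem mounted on /
    opts=$(printf '%s\n' "$table" | awk '$2 == "/" { print $4; exit }')
    case ",$opts," in
        ,,)     echo "FAIL root filesystem not found in mount table"; rc=1 ;;
        *,ro,*) echo "OK   / mounted read-only ($opts)" ;;
        *)      echo "FAIL / mounted with options '$opts' (post expects ro)"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample input, shaped like `mount -p` output.
SAMPLE_MOUNTS='/dev/ad0s1a / ufs ro 1 1
devfs /dev devfs rw 0 0
/dev/ad0s1e /var ufs rw,noexec 2 2'

# Passing case on the constructed sample.
# On a real host: check_posture "$(sysctl -n kern.securelevel)" "$(mount -p)"
check_posture 3 "$SAMPLE_MOUNTS"
```
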
More information about the freebsd-security
mailing list