Question about securelevel

roberto at redix.it roberto at redix.it
Wed Feb 11 06:28:30 PST 2004


>
> you do not need to go single user to change it. just remove the
> securelevel lines from /etc/rc.conf and reboot.
>
> greetings,
> 	tilo
>

As said, the root filesystem is read-only and the command "mount -uw /"
should be in disabled when securelevel==3, in my ideal kernel.

Actually the command "mount -uw /" will succeded when the securelevel==3,
but supposing should be not so difficult to change the FreeBSD kernel,
this (securelevel+readonly filesystem) could address the weakness of
securelevel+non-read-only filesystem.

Regards
Roberto




More information about the freebsd-security mailing list