Question about securelevel
roberto at redix.it
roberto at redix.it
Wed Feb 11 06:28:30 PST 2004
>
> you do not need to go single user to change it. just remove the
> securelevel lines from /etc/rc.conf and reboot.
>
> greetings,
> tilo
>
As said, the root filesystem is read-only and the command "mount -uw /"
should be in disabled when securelevel==3, in my ideal kernel.
Actually the command "mount -uw /" will succeded when the securelevel==3,
but supposing should be not so difficult to change the FreeBSD kernel,
this (securelevel+readonly filesystem) could address the weakness of
securelevel+non-read-only filesystem.
Regards
Roberto
More information about the freebsd-security
mailing list