[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: So, back on the topic of enabling bpf in GENERIC...
From:       Warner Losh <imp () village ! org>
Date:       1999-07-31 23:33:55
[Download RAW message or body]

In message <19990731154458.A2068@netmonger.net> Christopher Masto writes:
: I hope you mean "> 1".  I often diagnose problems using tcpdump etc.,
: and I don't think bpf should be broken just because someone wants the
: minor "flags can't be turned off" feature of level 1.

Flags can't be turned off at level 1, and raw devices cannot be
accessed:
     1     Secure mode - the system immutable and system append-only flags may
           not be turned off; disks for mounted filesystems, /dev/mem, and
           /dev/kmem may not be opened for writing.

Notice that raw devices cannot be opened...

: It seems to be that disabling bpf is more appropriate for security
: level 2 and up, if such a thing is desirable.  I'm not sure it is.

     2     Highly secure mode - same as secure mode, plus disks may not be
           opened for writing (except by mount(2))  whether mounted or not.
           This level precludes tampering with filesystems by unmounting them,
           but also inhibits running newfs(8) while the system is multi-user.
and

     3     Network secure mode - same as highly secure mode, plus IP packet
           filter rules (see ipfw(8) and ipfirewall(4))  cannot be changed and
           dummynet(4) configuration cannot be adjusted.

I could see arguments for both levels....

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

[prev in list] [next in list] [prev in thread] [next in thread]