[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

securelevel

To: misc@openbsd.org
Subject: securelevel
From: form@vs.itam.nsc.ru
Date: Thu, 2 Jul 1998 16:58:14 +0700 (NOVST)
Delivery-Date: Thu Jul 2 02:59:30 1998


Hello All!

I found one strange (IMHO) thing. In init(8) man page we see some
information about kern.securelevel:

     [...skip...]
     1     Secure mode - system immutable and append-only flags may not be
           turned off; disks for mounted filesystems, /dev/mem, and /dev/kmem
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
           are read-only.

I'm running OpenBSD 2.3 (current, 30 Jun 1998):

vs# uname -pa
OpenBSD vs.itam.nsc.ru 2.3 VS#2 i386 Intel Pentium/MMX ("GenuineIntel" 586-class)

vs# sysctl -a |grep secure
kern.securelevel = 1

And I found that I can write disklabel to disks I mounted filesystems
from. Also in installboot(8) manpage we see that we should do this command
before securelevel switching, but it seems that this command works even on
securelevel=1

Is it bug or I don't understood something?

---
* FORTRAN defaults: God is real, unless declared integer...

Follow-Ups:
- Re: securelevel
  - From: "Todd C. Miller" <Todd.Miller@courtesan.com>

Prev by Date: 32bit mode for wd*
Next by Date: Re: securelevel
Prev by thread: 32bit mode for wd*
Next by thread: Re: securelevel
Index(es):
- Date
- Thread