Re: Experimental yet interesting securelevel patch :-)

Rob Hagopian (hagopiar@vuser.vu.union.edu)
Fri, 22 Aug 1997 13:52:55 -0400 (EDT)


> 2) securelevel is -rw-r--r--, no? So you would have to gain root acc. to
> screw with the computer this way. If you have root access, there are easier
> ways to screw things up. (Although putting all ones into securelevel before
> you leave might be nice.)
>
> 3) Then set securelevel before you allow any access to the system. And
> hope that the hacker doesn't edit your /etc/rc.d/* before they boot.

The only way I can see to get around this is to disable reboots going
into multiuser mode. This can't be done in init/lilo because those can
always be rewritten. So you have to have a read-only boot device (side
effect: if you do have a read-only boot device you _can_ go straight into
multiuser mode...).
If securelevel was able to take kernel parameters, you could toss
lilo/whatever on a write protected floppy (or network booting! :-) and
pass securelevel parameters straight in. If one of those were to make
securelevel 444 and prevent tampering with securelevel, you're fairly
secure (hmmmm... how possible would it be to work around that - as root -
by directly changing kernel memory?)
Thus, you have now locked the system at whatever securelevel you want.
-Rob H.