Don't ever allow lowering the securelevel at all. Allowing it does
nothing good except opening a can of (potential or real) security holes. People maintaining a machine with higher security requirements need to be on the console anyway, so there's no point in not forcing them to reboot before starting maintenance. Agreed by: hackers, guido
parent
f8a42d82e9
commit
e16ed08126
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=26923
@ -37,7 +37,7 @@
|
|||||||
* SUCH DAMAGE.
|
* SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
|
* @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
|
||||||
* $Id: kern_mib.c,v 1.7 1997/03/03 12:58:19 bde Exp $
|
* $Id: kern_mib.c,v 1.8 1997/03/04 18:31:54 bde Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sys/param.h>
|
#include <sys/param.h>
|
||||||
@ -123,7 +123,7 @@ sysctl_kern_securelvl SYSCTL_HANDLER_ARGS
|
|||||||
error = sysctl_handle_int(oidp, &level, 0, req);
|
error = sysctl_handle_int(oidp, &level, 0, req);
|
||||||
if (error || !req->newptr)
|
if (error || !req->newptr)
|
||||||
return (error);
|
return (error);
|
||||||
if (level < securelevel && req->p->p_pid != 1)
|
if (level < securelevel)
|
||||||
return (EPERM);
|
return (EPERM);
|
||||||
securelevel = level;
|
securelevel = level;
|
||||||
return (error);
|
return (error);
|
||||||
|
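Review bot: The check `if (level < securelevel)` now rejects every lowering, including one requested by pid 1, but nothing in the handler says this is intended, so a later reader may take the missing init exception for an oversight. I would add a comment above it, `/* securelevel only ever goes up at run time; not even init may lower it, a reboot is required */`. Any caller that relied on the old exception now gets EPERM; presumably init(8) lowering the level on its way to single-user mode is one, so it is worth confirming that path handles the error. The denial is also silent, and a refused attempt to lower securelevel is a useful audit signal, so a log line on the EPERM path would help detection. sysctl_kern_securelvl starts above the hunk.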