[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [obsdfr-misc] Mise à jour

From: Francois Visconte <fv AT kh3 POINT org>
To: openbsd-france-misc AT openbsd-france POINT org, crem_crem AT hotmail POINT com
Subject: Re: [obsdfr-misc] Mise à jour
Date: Tue, 17 Oct 2006 15:42:05 +0200

Bonjour,

Et une autre petite question en passant : J'ai mon secure level à 2, et
pourtant il est possible de recompiler le noyau, l'userland....
En quoi consiste-t'il "la dernière ligne de défense si le compte root est
compromis" ?

extrait de securelevel(7):

     2 Highly secure mode
          -   all effects of securelevel 1
          -   raw disk devices are always read-only whether mounted or not

- settimeofday(2) and clock_settime(2) may not set the timebackwards or close to overflow

          -   pf(4) filter and NAT rules may not be altered

- the ddb.console and ddb.panic sysctl(8) variables may notbe raised



--
François

References:
- Mise à jour
  - From: tempus
- Re: [obsdfr-misc] Mise à jour
  - From: tempus
- Re: [obsdfr-misc] Mise à jour
  - From: Cabillot Julien
- Re: [obsdfr-misc] Mise à jour
  - From: tempus

Prev by Date: Re: [obsdfr-misc] Mise à jour
Next by Date: Re: [obsdfr-misc] Mise à jour
Previous by thread: Re: [obsdfr-misc] Mise à jour
Next by thread: Re: [obsdfr-misc] Mise à jour
Index(es):
- Date
- Thread