On Mon, 12 Jul 1999, Doug Rabson wrote: > On Mon, 12 Jul 1999, Karl Pielorz wrote: > > > > > > > Mark Newton wrote: > > > > > > Karl Pielorz wrote: > > > > > > > Yes, a nice, effective - and simply way of replacing syscall's on > > > FreeBSD... > > > > Some might say a little too 'simple'? > > > > > > Garbage. You can do this on any OS, whether it supports loadable > > > modules or not, if you've managed to win sufficient privileges through > > > some other means. > > > > I was actually leaning towards that... My boss had kittens here (we have 12 > > FreeBSD boxes running the show now), until I'd explained it to him... If > > syscall's need to be replaced, they need to be replaced - and if they are > > replaceable ... (I'll stop there) :) > > > > The article (from what I can remember) didn't actually go out of it's way to > > say you have to have be root to load the modules in the first place :) - > > Maybe > > it's warrants some kind of response page putting up somewhere? - this is > > also > > getting off topic for -hackers :(... > > It was mentioned when describing the conditions for allowing the file load > (securelevel == 0 && uid == 0).
which suggests that most important servers should be run whith securelevel > 0 To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
