I've noticed that currently, violations of securelevel are aborted, but not
typically logged. It seems like in addition to aborting whichever calls are
in progress, logging an error might be beneficial. I recognize that this
goes along the same lines as logging file permission errors, but if a file
is marked immutable, the implicit value of the file should suggest that one
might want to be able to audit attempted changes to that file.

A case in point: /usr/src/sys/kern/kern_linker.c (4.5 STABLE):

    int
    linker_load_file(const char* filename, linker_file_t* result)
    {
        ...
        /* Refuse to load modules if securelevel raised */
        if (securelevel > 0)
            return EPERM;
        .....

Would the following not work?

    int
    linker_load_file(const char* filename, linker_file_t* result)
    {
        ...
        /* Refuse to load modules if securelevel raised */
        if (securelevel > 0)
        {
            log(LOG_ERR, "Unable to load module %s: securelevel violation \n",
                filename);
            return EPERM;
        }
        ...

So, my questions are: Why shouldn't it be done? What simple problems am I
overlooking? (Would such a contribution have a chance of making it into
5.0?)
- Jeff
=================
Jeff Jirsa
[EMAIL PROTECTED]
=================
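
Added example, not part of the original message and not FreeBSD code: a userspace C model of the proposed check that routes the denial through one helper and rate-limits the log line, since a caller can retry a denied operation in a loop. securelevel_deny(), sl_ratecheck(), model_load_file() and SL_BURST are hypothetical names, and fprintf() stands in for the kernel's log().

```c
#include <errno.h>
#include <stdio.h>
#include <time.h>

/* Userspace model (assumption): stand-ins for the kernel's securelevel
 * variable and log(9), so the logic can be run outside the kernel. */
static int securelevel = 1;
static int logged_lines;	/* messages actually emitted */
#define SL_BURST 5		/* hypothetical cap: messages per second */

/* Hypothetical helper: pass at most SL_BURST messages per one-second
 * window, so a caller retrying a denied operation cannot flood the log. */
static int sl_ratecheck(time_t now)
{
	static time_t window;
	static int count;
	if (now != window) {
		window = now;
		count = 0;
	}
	/* count stops at SL_BURST, so it cannot overflow under sustained load */
	return (count < SL_BURST && ++count);
}

/* Hypothetical helper: deny, log (rate limited) and return EPERM when the
 * current securelevel is above `level`; return 0 when the call may go on. */
static int securelevel_deny(int level, time_t now, const char *what, const char *obj)
{
	if (securelevel <= level)
		return (0);
	if (sl_ratecheck(now)) {
		fprintf(stderr, "securelevel violation: %s %s denied\n", what, obj);
		logged_lines++;
	}
	return (EPERM);
}

/* Call site shaped like the linker_load_file() check in the message. */
static int model_load_file(const char *filename, time_t now)
{
	return (securelevel_deny(0, now, "module load", filename));
}

int main(void)
{
	for (int i = 0; i < 100; i++)	/* constructed input: 100 retries */
		(void)model_load_file("example.ko", 1000);
	printf("100 denied calls, %d log lines\n", logged_lines);
	return (0);
}
```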