[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security: FreeBSD vs OpenBSD
In some mail from Rod... Whitworth, sie said:
> Nobody ever seems to mention securelevel 2 in which state root is NOT
> all powerful.
> Together with suitably chosen chflags options I would have thought we
> had something better than just an all powerful root.
Problem is, using securelevel & chflags you are denying operations
completely to all users, wherever and whoever they may be. Neither
is three any concept of delegation.
"root on /dev/console" arguably should have more privs than "root on
/dev/ttyp4" and that's what things like TrustedBSD are looking at.