Unprivilegued settings for FreeBSD kernel variables

Dag-Erling Smørgrav des at des.no
Tue Jun 15 10:12:47 GMT 2004

Radko Keves <rado at daemon.sk> writes:
> kernel module can gives you a new sysctl (for example kern.securelevel2):
> kern.securelevel2
> with which you can lower/raiser sysctl.securelevel variable
> (source code attached)

     The kernel runs with five different levels of security.  Any super-user
     process can raise the security level, but no process can lower it.  The
     security levels are:

     -1    Permanently insecure mode - always run the system in level 0 mode.
           This is the default initial value.

     0     Insecure mode - immutable and append-only flags may be turned off.
           All devices may be read or written subject to their permissions.

     1     Secure mode - the system immutable and system append-only flags may
           not be turned off; disks for mounted file systems, /dev/mem,
           /dev/kmem and /dev/io (if your platform has it) may not be opened
           for writing; kernel modules (see kld(4)) may not be loaded or


so how, exactly, is the attacker going to load his malicious kernel

Dag-Erling Smørgrav - des at des.no

More information about the freebsd-bugs mailing list