docs/104403: man security should mention that the usage of the X Window Systen is only possible with kern.securitylevel=-1

Niclas Zeising lothrandil at n00b.apagnu.se
Sun Nov 12 13:55:45 UTC 2006


Giorgos Keramidas wrote:
> On 2006-11-12 10:52, Niclas Zeising <lothrandil at n00b.apagnu.se> wrote:
>> Giorgos Keramidas wrote:
>>>> With kern.securitylevel=0 or higher it is not possible to start X.
>>> You can still use `xdm' or a similar way of starting X11, because
>>> it will be started by init(8) before the securelevel is raised by
>>> the `/etc/rc.d/securelevel' script.
>>>
>>> I don't think this is worth mentioning in security(7), because
>>> we can't possibly document *ALL* the possible things that can
>>> fail with a bumped securelevel.
>> It it probably worth mentioning somewhere, as it will avoid some foot
>> shooting from unaware users. One can discuss though that if the extra
>> security provided by the security level is needed, maybe the system
>> shouldn't run X in the first place.
> 
> I'm not sure.
> 
> Should we also mention that you can't "installworld" with an elevated
> securelevel, because chflags may fail to work and cause problems?
> Should we also mention that not being able to change the firewall rules
> can be tricky, if you are testing your new firewall ruleset, and get
> locked out?
> 
> There are *MANY* ways in which an elevated securelevel can turn around
> and bite you in the ass, but do we _really_ have to enumerate them all
> in mind-boggingly detail?  ... in a single manpage?
> 
> I really don't know.
> 

I believe they should be documented somewhere, to avoid questions. But 
you are right in that there are numerous consequences in raising secure 
levels and that it might be a bit over the top to document them all. 
Maybe I/we have to face the fact that it's too much and/or unnecessary 
to document all consequences, and rely on that if a sysadmin feels the 
need to raise the secure-level he knows what he's doing and the 
consequences of doing so.
Maybe the biggest issues in raising secure-level should be mentioned, 
but then again, who decides which those issues are?

Maybe it's best to leave the documentation regarding this as it is, and 
give an answer whenever the issues pops up.
//Niclas



More information about the freebsd-doc mailing list