Securelevels

Ivaylo Mateev mateev at cns-consulting.org
Sun Jun 29 01:14:35 UTC 2008


Hi,

I think I found a bug.

[strato at darkstar /usr/home/strato]$ sudo sysctl kern.securelevel
kern.securelevel: 2
[strato at darkstar /usr/home/strato]$ kgdb
kgdb: /dev/mem: Permission denied
[strato at darkstar /usr/home/strato]$ sudo kgdb
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: 
Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]

I am running in securelevel 2. That means nothing can have direct access 
to /dev/mem, according to man security:

     1     Secure mode - the system immutable and system append-only flags may
           not be turned off; disks for mounted file systems, /dev/mem and
           /dev/kmem may not be opened for writing; /dev/io (if your platform
           has it) may not be opened at all; kernel modules (see kld(4)) may
           not be loaded or unloaded.

     2     Highly secure mode - same as secure mode, plus disks may not be
           opened for writing (except by mount(2)) whether mounted or not.
           This level precludes tampering with file systems by unmounting
           them, but also inhibits running newfs(8) while the system is multi-
           user.

So is this a bug, or am I just too stupid?
