, 2006-01-18
A recently announced weakness in the BSD securelevel system isn't going to be fixed in OpenBSD. While securelevel may have problems, the vendor's security response is unacceptable and doesn't fit with their stated goals.
Expand all |
Post comment
How not to respond to a security advisory
2006-01-19
Miles (3 replies)
Miles (3 replies)
How not to respond to a security advisory
2006-01-25
Michael Favinsky (1 replies)
Michael Favinsky (1 replies)
Securelevels provide far more than the immutable and other flag capabilities for files. Do read the manual page:
http://www.openbsd.org/cgi-bin/man.cgi?query=securelevel&sek
tion=7&apropos=0&manpath=OpenBSD+Current&arch=i386
So doing away with securelevels because of a "break" in this one component makes no sense.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/380/32968#32968