[1300] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Chattr +i and securelevel

daemon@ATHENA.MIT.EDU (E. Lefty Kreouzis)
Tue Nov 19 14:43:07 1996

Old-X-Envelope-From: lefty@fage.gr  Mon Nov 18 03:53:59 1996
Resent-From: "E. Lefty Kreouzis" <lefty@fage.gr>
Resent-To: linux-security@redhat.com
Date: Mon, 18 Nov 1996 11:53:59 +0200 (EET)
From: "E. Lefty Kreouzis" <lefty@fage.gr>
To: linux-security@redhat.com
Reply-To: linux-security@redhat.com


has anyone played with the securelevel variable in the kernel and the 
immutable flags in the ext2 file system?

The only way I have found to change the flag is by
patching sched.c from

int securelevel=0
to int securelevel=1

The sysctrl code seems to allow the setting of the flag
only by init (PID=1) and only upwards (0->1, etc).
The problem is that I haven't found a way to get
init to set the securelevel variable. 
Is securelevel used in the Linux community?

[ Mod: If you have a look at securelevel code you can see that at this
moment the only process that can change securelevel is init. From what I
gather, even though the basic support for securelevel is already in kernel,
it is so basic that nothing can be done in a stock kernel. 

Someone also was working on a project of bringing POSIX.6 privs to linux but
the last patch that I have seen was against 2.0 kernel. Those who are
interested in merging two patches should have a look at
http://www.xarius.demon.co.uk/software/posix6/ -- alex ]


home help back first fref pref prev next nref lref last post