Re[2]: gpart destroy, zpool destroy, zfs destroy under securelev
Hello,
> if you have root privileges you can just write some random bytes in some
> places and this will be enough to break your system. So, restricting
> some gpart's or zpool's actions depending from securelevel looks like
> protection from kids.
Having root under securelevel 3 confirmed disallows you to:
1) Direct write to the block devices such as (a)da
2) Change rules and/or shutdown pf
3) Remove system flags such as schg, sunlnk
I think your statement true in case of securelevel -1, we're talking about
the highest one - 3, which shown in logs.
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 1 之 2 篇):