Re[2]: gpart destroy, zpool destroy, zfs destroy under securelevel 3

From: Vladimir Sharun <atz_at_ukr.net>
Date: Thu, 29 May 2014 11:56:15 +0300
('binary' encoding is not supported, stored as-is) Hello, > if you have root privileges you can just write some random bytes in some > places and this will be enough to break your system. So, restricting > some gpart's or zpool's actions depending from securelevel looks like > protection from kids. Having root under securelevel 3 confirmed disallows you to: 1) Direct write to the block devices such as (a)da 2) Change rules and/or shutdown pf 3) Remove system flags such as schg, sunlnk I think your statement true in case of securelevel -1, we're talking about the highest one - 3, which shown in logs. Received on Thu May 29 2014 - 06:56:27 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:49 UTC