From owner-man-jp-reviewer@jp.freebsd.org  Wed Feb 24 01:08:13 1999
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) id BAA22824;
	Wed, 24 Feb 1999 01:08:13 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from mail.yk.rim.or.jp (root@mail.yk.rim.or.jp [202.247.130.37])
	by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) with ESMTP id BAA22815
	for <man-jp-reviewer@jp.freebsd.org>; Wed, 24 Feb 1999 01:08:12 +0900 (JST)
	(envelope-from k-horik@yk.rim.or.jp)
Received: from localhost (ppp475.yk.rim.or.jp [202.247.165.175])
	by mail.yk.rim.or.jp (8.8.8/3.6W-RIMNET-98-06-09) with ESMTP id BAA13424
	for <man-jp-reviewer@jp.freebsd.org>; Wed, 24 Feb 1999 01:08:10 +0900 (JST)
To: man-jp-reviewer@jp.freebsd.org
In-Reply-To: Your message of "Tue, 23 Feb 1999 08:27:08 +0900"
	<19990223082708B.yt-kage@cb3.so-net.ne.jp>
References: <19990223082708B.yt-kage@cb3.so-net.ne.jp>
X-Mailer: Mew version 1.93 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19990224010733J.k-horik@yk.rim.or.jp>
Date: Wed, 24 Feb 1999 01:07:33 +0900
From: Kazuo Horikawa <k-horik@yk.rim.or.jp>
X-Dispatcher: imput version 980905(IM100)
Lines: 80
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+981115
X-Sequence: man-jp-reviewer 1038
Subject: [man-jp-reviewer 1038] Re: security.7
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org
X-Originator: k-horik@yk.rim.or.jp

 $BKY@n$G$9!#(B

$B0~;3$5$s!'(B
> security.7$B$N%A%'%C%/$r=*N;$7$^$7$?!#(B
 $B$"$j$,$H$&$4$6$$$^$9!#(B

> @@ -265,10 +272,11 @@
>  $B0BA4$G$"$kJ}$,$h$$$N$G!"MQ?4?<$$%7%9%F%`4IM}<T$O;DG0$K;W$$$J$,$i$b!"(B
>  $B%9%?%C%U$N$_$,<B9T$9$kI,MW$,$"$k(B suid $B%P%$%J%j$O!"%9%?%C%U$N$_$,(B
>  $B%"%/%;%92DG=$JFCJL$J%0%k!<%W$K4^$a$k$h$&$K@)8B$r2C$(!"(B
> -$B?/F~<T$,(B sgid-kmem $B$N%P%$%J%j$rGK$k$3$H$,$G$-$?>l9g!"(B
> +$B?/F~<T$,(B sgid$B$5$l$?(Bkmem $B$N%P%$%J%j$rGK$k$3$H$,$G$-$?>l9g!"(B
>  $B$=$N?/F~<T$O(B /dev/kmem $B$rFI$_=P$9$3$H$,$G$-$k$h$&$K$J$j$^$9!#(B
 $B!V(Bkmem $B$K(B sgid $B$5$l$?%P%$%J%j$r!D!W$NJ}$,NI$$$N$G$O$J$$$G$7$g$&$+!#(B

> @@ -331,7 +340,7 @@
>  $B$H$$$&G:$_$N<o$,$^$@;D$C$F$$$^$9!#$3$NLdBj$K4X$7$F$O!"?/F~<T$O(B raw
>  $B%G%P%$%9$K=q$-9~$`$3$H$b$G$-$^$9!#$3$NLdBj$rHr$1$k$?$a!"%7%9%F%`4IM}<T$O(B
>  $B%+!<%M%k$r$h$j9b$$0BA4%l%Y%k(B
> -.Pq securelevel
> +.Pq secure level
>  $B!">/$J$/$H$b0BA4%l%Y%k(B 1 $B$G<B9T$5$;$kI,MW$,$"$j$^$9!#(B
>  sysctl $B$r;H$C$F(B kern.securelevel $BJQ?t$K0BA4%l%Y%k$r@_Dj$9$k$3$H$,(B
>  $B$G$-$^$9!#$R$H$?$S0BA4%l%Y%k$K(B 1 $B$r@_Dj$9$k$H!"(B
 $B$3$3$N(B securelevel $B$O(B $B%+!<%M%k%Q%i%a%?$N(B kern.securelevel $B$N$3$H$G$"(B
$B$j!"86J8$G$b(B securelevel $B$H$J$C$F$$$k$N$G!"85$NJ}$,$h$$$N$G$O$J$$$G$7$g(B
$B$&$+!#(B
 $B$?$@!"LuJ8$G$O(B securelevel $B$K3:Ev$9$kItJ,$O!V0BA4%l%Y%k!W$K$J$C$F$$$k$N$G(B
$B!V(B.Pq secure level$B!W$K$7$?J}$,J,$+$j$d$9$$$H$$$&$3$H$O$"$k$+$b$7$l$^$;$s!#(B

> -.Po
> -.Sq nodev
> -$B%*%W%7%g%s(B
> -.Pc
[$BN,(B]
> +$B%f!<%6%Q!<%F%#%7%g%s>e$G(B suid $B$5$l$?%P%$%J%j$H%G%P%$%9$rIT5v2D$K(B
> +$B$7$F$*$-!"(B
> +.Pq nodev $B%*%W%7%g%s(B
> +$B$=$N%Q!<%F%#%7%g%s$r%9%-%c%s$7$J$$$G:Q$^$;$k$3$H$bM-1W$+$b$7$l$^$;$s!#(B

 o $B86J8(B ('nodev' option) $B$J$N$G!"!V(B('nodev' $B%*%W%7%g%s(B)$B!W$+85$NJ}$,NI$$$N(B
   $B$G$O$J$$$G$7$g$+!#(B
 o $B!V(B('nodev' $B%Q!<%F%#%7%g%s(B)$B!W$O!V$7$F$*$-!W$H!V!"!W$K$"$k$Y$-$@$H;W$$$^$9!#(B

>  $B6-3&%k!<%?$N$H$3$m$G%U%!%$%"%&%)!<%k$r@_$1$F!"30It$+$i$N%"%/%;%9$KBP$7$F(B
> -$BFbIt%5!<%S%9$rKI8f$9$k$3$H$O<B$K$h$$9M$($G$9!#$3$N9M$(J}$O!"(BLAN $B$N30(B
> -$B$+$i$NK0OB967b$rKI$0$3$H$K$"$j!"(Broot $B$+$i$N%M%C%H%o!<%/%Y!<%9$N(B root 
> -$B8"8B$X$N967b$+$iFbIt%5!<%S%9$rKI8f$9$k$3$H$K!"$"$^$j9MN8$rJ'$C$F(B
> +$BFbIt%5!<%S%9$rKI8f$9$k$H$$$&9M$($O<B$K$h$$$b$N$G$9!#$3$N9M$($O!"(BLAN $B$N30It(B
> +$B$+$i$NK0OB967b$rKI$0$3$H$K$"$j!"(Broot $B%M%C%H%o!<%/%Y!<%9$N(B root 
> +$B8"8B$X$N967b$+$iFbIt%5!<%S%9$rKI8f$9$k$3$H$K$O!"$"$^$j9MN8$rJ'$C$F(B
>  $B$$$^$;$s!#%U%!%$%"%&%)!<%k$O>o$KGSB>E*$K@_Dj$7$F2<$5$$!#$D$^$j!"(B
 $B<B$O$o$+$C$F$J$$$N$G$9$,!"86J8$N!V(Broot network-based root compromise$B!W$C(B
$B$F$I$&$$$&0UL#$J$N$G$7$g$&!)(B

>  (1) $BIi2Y$N7Z$$%5!<%P$,FMA3967b$5$l$?>l9g!"%+!<%M%k$,==J,AGAa$/H?1~(B
> -$B$7$J$$$3$H!#(B(2) $B%+!<%M%k$,967b$KBQ$(@8$-1d$S$i$l$k$[$I==J,(B
> -rtminexpire $B$,Dc$/$J$C$F$$$J$$$3$H!#<+J,$N%5!<%P$,(B T3 $B$b$7$/$O$=$l$h$j(B
> +$B$G$-$J$$$3$H!#(B(2) $B%+!<%M%k$,967b$KBQ$(@8$-1d$S$i$l$k$[$I==J,(B
> +rtminexpire $B$,Dc$/@_Dj$5$l$F$$$J$$$3$H!#$N(B2$B$D$G$9!#(B
> +$B<+J,$N%5!<%P$,(B T3 $B%9%Q%s$b$7$/$O$=$l$h$j(B
>  $BNI<A$N2s@~$G%$%s%?!<%M%C%H$K@\B3$5$l$F$$$k>l9g!"(B
 ($BKY@n$,CN$i$J$$$@$1$@$H;W$&$N$G$9$,(B)$B!V(BT3 $B%9%Q%s!W$N!V%9%Q%s!W$H$O$I$&(B
$B$$$&0UL#$G$7$g$&!)(B
 $B!V(BTn$B!W$J$I$H$$$&I=8=$O$h$/8+$k$N$G85$N$^$^$GNI$$$H;W$$$^$7$?!#(B

> @@ -625,7 +633,7 @@
>  .Xr sysctl 8
>  .Sh $BNr;K(B
>  .Nm
> -$B%^%K%e%"%k%Z!<%8$O!"$b$H$b$H(B
> +$B$3$N%^%K%e%"%k%Z!<%8$O!"$b$H$b$H(B
>  .An Matthew Dillon
>  $B$K$h$C$F=q$+$l$^$7$?!#(B
>  $B:G=i$K8=$l$?$N$O!"(B
 $B%U%)!<%^%C%H$9$k$H(B
 $B!V(Bman $B$3$N%^%K%e%"%k%Z!<%8$O!D!W$H$J$C$F$7$^$&$N$G!"85$N(B
 $B!V(Bman $B%^%K%e%"%k%Z!<%8$O!D!W$NJ}$,NI$$$G$9!#(B
--
$BKY@nOBM:(B
