From owner-FreeBSD-users-jp@jp.freebsd.org  Wed Sep 19 23:21:15 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id XAA74011;
	Wed, 19 Sep 2001 23:21:15 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from amalthea.phys.s.u-tokyo.ac.jp (amalthea.phys.s.u-tokyo.ac.jp [133.11.165.241])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id XAA74006
	for <FreeBSD-users-jp@jp.freebsd.org>; Wed, 19 Sep 2001 23:21:14 +0900 (JST)
	(envelope-from ginga@amalthea.phys.s.u-tokyo.ac.jp)
Received: (qmail 15183 invoked by uid 9014); 19 Sep 2001 14:21:13 -0000
Date: Wed, 19 Sep 2001 23:21:13 +0900
From: Kawaguti Ginga <ginga@athena.club.ne.jp>
To: FreeBSD-users-jp@jp.freebsd.org
Message-ID: <20010919232113.E9434@amalthea.phys.s.u-tokyo.ac.jp>
References: <17123.1000904488@ideon.st.ryukoku.ac.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Content-Disposition: inline
In-Reply-To: <17123.1000904488@ideon.st.ryukoku.ac.jp>
User-Agent: Mutt/1.3.22.1i-ja0-beta
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 64379
Subject: [FreeBSD-users-jp 64379] Re: kern_securelevel=1
 =?ISO-2022-JP?B?GyRCJEc9cSQtOX4kYSRKJCQbKEI=?=
 disks for mounted filesystems 	=?ISO-2022-JP?B?GyRCJEgbKEI=?=
 =?ISO-2022-JP?B?GyRCJE8bKEI=?= ?
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: ginga@athena.club.ne.jp

$B@n8}$G$9(B

# source $B$rFI$s$G$$$k$o$1$G$O$J$$$G$9(B

In Wed, Sep 19, 2001 at 10:01:28PM +0900,
KOJIMA Hajime / $B>.EgH%(B <kjm@rins.ryukoku.ac.jp> wrote:
>   4.3-RELEASE $B$N(B init(8) $B$K$O!"(Bkern_securelevel $B$K$D$$$F(B
> 
> >  1     $B0BA4$J%b!<%I(B - $BJQ99IT2D%U%i%0$dDI2C$N$_$N%U%i%0$O%*%U$K$G$-$^$;$s!#(B
> >        $B%^%&%s%H$5$l$?%U%!%$%k%7%9%F%`$N%G%#%9%/$*$h$S(B /dev/mem $B$d(B
> >        /dev/kmem $B$O(B read-only $B$H$J$j$^$9!#%+!<%M%k%b%8%e!<%k(B ( kld(4) $B;2(B
> >        $B>H(B) $B$O!"%m!<%I$*$h$S%"%s%m!<%I$G$-$^$;$s!#(B
>  
>   ($B1Q8l86J8(B)
> 
> >  1     Secure mode - the system immutable and system append-only flags may
> >        not be turned off; disks for mounted filesystems, /dev/mem, and
> >        /dev/kmem may not be opened for writing; kernel modules (see
> >        kld(4)) may not be loaded or unloaded.

security(7) $B$N(B man $B$+$i$O(B
mounted file system $B$KBP$9$k(B raw device $B7PM3$N(B"$B967b(B"$B$,(B
$B=PMh$^$;$s$h!$$J8z2L$,4|BT$5$l$F$$$k$h$&$J$N$G(B
$BNc$($P(B /dev/ad0s3a => / $B$N;~$K(B / $B$N(B file system $BFb$N(B
$B%U%!%$%k$rIaDL$K%"%/%;%9$9$k$N$O(B permission $BDL$j$@$1$l$I(B
/dev/rad0s3a $B$H$+$r7PM3$7$F$[$2$[$2$9$k$N$,(B
$B5Q2<$5$l$k$H$$$&$3$H$8$c$J$$$G$7$g$&$+(B?

>   $B$G$O!"!V%^%&%s%H$5$l$?%U%!%$%k%7%9%F%`$N%G%#%9%/!W$H$O$$$C$?$$2?(B
>   $B$J$N$G$7$g$&$+(B?  $B%^%&%s%H$5$l$?%U%!%$%k%7%9%F%`$N2?$,(B may not be
>   opened for writing $B$@$H$$$&$N$G$7$g$&$+(B?

$B$?$V$s$=$&$GFI$_J}$H$7$F$O(B
$B!V%^%&%s%H$5$l$?%U%!%$%k%7%9%F%`$N%G%#%9%/(B($B$KBP1~$9$k%G%P%$%9%U%!%$%k(B)$B!W(B
$B$,3+$1$J$$!$$N$G$O$J$$$+$H$$$&5$$,$7$^$9(B

# $B$d$C$QBg30$7$+$J(B...
-- 
       $B"J"J(B               
Zzz.. (- - )$B"^"^"=!A(B         $B@n8}(B $B6d2O(B
      ##############   ginga@athena.club.ne.jp
