Great Circle Associates Firewalls
(December 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Linux as a Firewall Platform
From: Ambrose Li <news-misc @ byron . net4 . io . org>
Organization: Ming Pao Daily News (Canada)
Date: Wed, 18 Dec 1996 23:17:22 GMT
To: firewalls @ greatcircle . com
Distribution: local
References: <Pine . LNX . 3 . 95 . 961217201427 . 31061A-100000 @ co . numerix . com> <m0vaApK-0004ixC @ lina>
Reply-to: Ambrose Li <acli @ www . mingpaoxpress . com> 
In article <m0vaApK-0004ixC @
 lina>, Bernd Eckenfels <lists @
 lina .
 inka .
 de> wrote:
>
>> Also, how would you patch sysctl.c in order to get write acess?  just
>> change the 0444 to 0644 in the line :
>
>AFAIK yes. The strategy function will ensure that you can only increase the
>value. (PID 1 could decrease it). In addition to that you have to remove
>module support from kernel, this wont be blocked by securelevel.

Can you verify this? I just tried it, and it doesn't work. (I can decrease
the securelevel while in runlevel 5.) Perhaps an external program (like
the BSD sysctl) instead of patching sysctl.c should be how it is done?


--
Ambrose Li. acli @
 mingpaoxpress .
 com .
  Ming Pao Newspapers (Canada) Ltd., EDP
department. 1355 Huntingwood Drive, Scarborough, Ontario, M1S 3J1, Canada.
Voice +1 416 321 0088 x272 Fax +1 416 321 9663.
                                                My favourite OS has yet no
Follow-Ups:
References:
Indexed By Date Previous: RE: ipfwadm firewall for linux
From: Gene Lee <genel @ inforamp . net>
Next: RADIUS PARAMETERS
From: Jose Antonio Izquierdo <jail97 @ medusa . es>
Indexed By Thread Previous: Re: Linux as a Firewall Platform
From: lists @ lina . inka . de (Bernd Eckenfels)
Next: Re: Linux as a Firewall Platform
From: Ambrose Li <news-misc @ mingpaoxpress . com>
Google
 
Search Internet Search www.greatcircle.com