Re: Another place for securelevel?

Jos Vos (jos@xos.nl)
Tue, 27 Feb 1996 17:53:46 +0100 (MET)


Hi,

> I was busy getting myself into firewalling, and I thought this might be a
> useful patch:
> >>>>>>>>>>>>>>>
> --- ip_sockglue.c.ori Mon Feb 26 12:27:50 1996
> +++ ip_sockglue.c Mon Feb 26 12:28:00 1996
> @@ -387,7 +387,7 @@
> case IP_FW_POLICY_IN:
> case IP_FW_POLICY_OUT:
> case IP_FW_POLICY_FWD:
> - if(!suser())
> + if(!suser() || securelevel > 0)
> return -EPERM;
> if(optlen>sizeof(tmp_fw) || optlen<1)
> return -EINVAL;
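
Review bot: The changed condition "if(!suser() || securelevel > 0)" uses securelevel, but this one-hunk patch adds no declaration or include for it in ip_sockglue.c, so confirm the symbol is already visible there or add an extern. The line also needs a short comment saying that firewall options are refused once securelevel is raised, because root will now get the same -EPERM as an unprivileged caller with nothing in the code explaining why. The context shows only the three IP_FW_POLICY_* labels above the check, so verify that every other firewall-changing option in this switch also reaches it.
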
> <<<<<<<<<<<<<<<
> This effectively freezes your firewall configuration after boot, so the bad
> guys can't open your net even if they manage to hack into your firewall machine.

I don't think this is a good idea. There might be valid reasons for
changing firewall rules while the system is running. One of them is
to change your firewall rules during working (office) hours. Or you
might temporarily add some permissions, e.g., for a PPP connection
that has permissions depending on the person that just logged in.

Besides that, as long as root can add (alias) interfaces (ok, you don't
need to include this in your kernel), can change routing tables, can
write to /dev/kmem, etc., changing firewall rules is not the biggest
problem we have when someone broke in as root. :-)

-- 
--    Jos Vos <jos@xos.nl>
--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364
--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204