In article <199604021800.UAA05094@susix.jura.uni-sb.de>,
bof@math.uni-sb.de (Patrick Schaaf) writes:
> In lists.linux.kernel you write:
>> However, one thing which could be done fairly easily would be to (a)
>> protect init from all attacks, making it immune to ptrace, kill -9
>> etc;
> Isn't this implemented since I don't know when? I remember something
> like 'init does not get signals it doesn't handle'. But I don't
> know why init should be able to lower the secure level anyway - use
> a boot disk or single user mode if needed.

Because init needs to be able to restore singleuser mode on demand for
(a) shutdown and (b) system admin/repair without a hard reboot. It
should indeed be an option to prevent init from backing down on the
securelev, but for many cases this ability is a genuine asset.

Cheers,
Stephen.
--
Stephen Tweedie <sct@dcs.ed.ac.uk>
Department of Computer Science, Edinburgh University, Scotland.