diff options
author | kato <kato@FreeBSD.org> | 1999-09-06 08:41:32 +0000 |
---|---|---|
committer | kato <kato@FreeBSD.org> | 1999-09-06 08:41:32 +0000 |
commit | 6ed01edd23576c43d374b94156503859913d413f (patch) | |
tree | 9c72e94de78d0e43d8aaba23e53f43302f1f251e /sbin/init | |
parent | fbe3b5e298cf635eb2cb1766b6cfa7a1001fcf59 (diff) | |
download | FreeBSD-src-6ed01edd23576c43d374b94156503859913d413f.zip FreeBSD-src-6ed01edd23576c43d374b94156503859913d413f.tar.gz |
FreeBSD kernel doesn't allow any process to decrease securelevel. So,
init(8) cannot decrease securelevel. The manual page explains this
and single_user() doesn't try to downgrade kernel to insecure mode.
Reviewed by: bde (manual page)
Diffstat (limited to 'sbin/init')
-rw-r--r-- | sbin/init/init.8 | 3 | ||||
-rw-r--r-- | sbin/init/init.c | 6 |
2 files changed, 1 insertions, 8 deletions
diff --git a/sbin/init/init.8 b/sbin/init/init.8 index e7aa9ac..d779c0e 100644 --- a/sbin/init/init.8 +++ b/sbin/init/init.8 @@ -92,8 +92,7 @@ is marked as .Dq secure . .Pp The kernel runs with four different levels of security. -Any super-user process can raise the security level, but only -.Nm +Any super-user process can raise the security level, but no process can lower it. The security levels are: .Bl -tag -width flag diff --git a/sbin/init/init.c b/sbin/init/init.c index 0e87093..75287b5 100644 --- a/sbin/init/init.c +++ b/sbin/init/init.c @@ -623,12 +623,6 @@ single_user() char altshell[128]; #endif - /* - * If the kernel is in secure mode, downgrade it to insecure mode. - */ - if (getsecuritylevel() > 0) - setsecuritylevel(0); - if (Reboot) { /* Instead of going single user, let's reboot the machine */ sync(); |