summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>1997-04-05 22:06:11 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>1997-04-05 22:06:11 +0000
commitebb808b9f530686a1afba78937ce81569f1fbcba (patch)
tree3484d1a9771833c1af90fe0ad527883e979fcc94
parent1787be53ace76bc6ac756a0f83d01a083614bb99 (diff)
settimeofday(2) restruction moved to secure level 2.
-rw-r--r--sbin/init/init.814
1 files changed, 8 insertions, 6 deletions
diff --git a/sbin/init/init.8 b/sbin/init/init.8
index ba5c9da6e52..c13e19821e9 100644
--- a/sbin/init/init.8
+++ b/sbin/init/init.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: init.8,v 1.6 1997/03/26 01:59:37 deraadt Exp $
+.\" $OpenBSD: init.8,v 1.7 1997/04/05 22:06:10 millert Exp $
.\" $NetBSD: init.8,v 1.6 1995/03/18 14:56:31 cgd Exp $
.\"
.\" Copyright (c) 1980, 1991, 1993
@@ -104,16 +104,18 @@ disks for mounted filesystems,
and
.Pa /dev/kmem
are read-only.
-The
-.Xr settimeofday 2
-system call can only advance the time.
.It Ic 2
Highly secure mode \- same as secure mode, plus disks are always
-read-only whether mounted or not.
+read-only whether mounted or not and
+the
+.Xr settimeofday 2
+system call can only advance the time.
This level precludes tampering with filesystems by unmounting them,
but also inhibits running
.Xr newfs 8
-while the system is multi-user.
+while the system is multi-user. Because the clock cannot
+be set back in time, malicious users who have gained root
+priviledges are unable to change a file's ctime.
.El
.Pp
Normally, the system runs in level 0 mode while single user