I might add that to be able to unmount /usr, if that is indeed where /usr/bin/login is being run from, or any other filesystem for that matter, it needs to be totally unused. For this reason, I think you would be hard pressed to have /usr unmounted in a manner that would go undetected unless you were in single luser mode. Depending on what else runs on the system and how packages are installed, the same might be true for other file systems often used for installation of binaries (/usr/local). To give you some idea of the programs which would need to have been stopped before unmounting /usr are as follows: syslogd, update, cron, inetd, getty (according to NetBSD-1.4). That said, I do think that the claims made by the documentation for securelevel 1 are false and should instead mention something about changing file flags through "conventional means" with a more complete briefing available for securelevel 2. Darren
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:51:28 PDT