This patches security/Makefile and security/Kconfig and creates
security/seclvl.c. Previous patches that Serge sent to this list
address the settime hooks.
Changelog:
12/02/2003 Updated by Michael A. Halcrow:
1. Removed seclvl from /proc filesystem.
2. Generated seclvl directory, with seclvl and passwd
attributes, in the sysfs filesystem.
3. Implemented password-based secure level reduction. The
password may be passed in either as plain text via the
plaintextPassword module parameter, or in its
hexadecimal SHA1 form via the sha1Password module
parameter. Note that you can generate the SHA1
representation of a password with the sha1sum utility:
echo -n "secret" | sha1sum
4. Implemented rate-limiting of kernel messages to the log.
Notice that, when you compile the module into the kernel, the initial
secure level is set to 0, as opposed to when you compile the module
as a stand-alone, in which case the initial secure level is set to 1.
Most distributions out there want to be able to load modules and the
sort while booting.
The sha1 crypto module must be present in order to use the
password-based seclvl reduction.
Mike
This archive was generated by hypermail 2b30 : Wed Dec 03 2003 - 14:06:59 PST