From nobody@FreeBSD.ORG  Tue Oct  3 09:10:24 2000
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 06BE537B66D; Tue,  3 Oct 2000 09:10:24 -0700 (PDT)
Message-Id: <20001003161024.06BE537B66D@hub.freebsd.org>
Date: Tue,  3 Oct 2000 09:10:24 -0700 (PDT)
From: c6re@sdsumus.sdstate.edu
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@FreeBSD.org
Subject: Using /stand/sysinstall to set security level to "medium" doesn't reduce kern_securelevel in /etc/rc.conf if security level was previously set to "high".
X-Send-Pr-Version: www-1.0

>Number:         21729
>Category:       conf
>Synopsis:       Using /stand/sysinstall to set security level to "medium" doesn't reduce kern_securelevel in /etc/rc.conf if security level was previously set to "high".
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    murray
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 03 09:20:01 PDT 2000
>Closed-Date:    Thu Oct 5 16:28:05 PDT 2000
>Last-Modified:  Thu Oct 05 16:28:30 PDT 2000
>Originator:     Nathan W.
>Release:        4.1.1-RELEASE
>Organization:
>Environment:
FreeBSD Guitarman.SDSTATE.EDU 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE #0 Tue Sep 26 00:46:59 GMT 2000    jkh@narf.osd.bsdi.com:/usr/src/sys/compile/GENERIC  i386
>Description:
After using /stand/sysinstall to set security level to "high," 
kern_securelevel="2" is added to /etc/rc.conf.  

If /stand/sysinstall is later used to set security level to "moderate,"
kern_securelevel="2" is not overridden, thus the kernel security level
remains at 2.
>How-To-Repeat:
Use /stand/sysinstall to set security level to "high," then use
/stand/sysinstall to set security level to "moderate."
>Fix:
Manually edit /etc/rc.conf to set kern_securelevel to the 
desired level.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->murray 
Responsible-Changed-By: johan 
Responsible-Changed-When: Wed Oct 4 12:36:38 PDT 2000 
Responsible-Changed-Why:  
Over to sysinstall maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=21729 
State-Changed-From-To: open->analyzed 
State-Changed-By: murray 
State-Changed-When: Thu Oct 5 14:15:51 PDT 2000 
State-Changed-Why:  
Trivial patch submitted to Jordan for approval.  Should be committed soon. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=21729 
State-Changed-From-To: analyzed->closed 
State-Changed-By: murray 
State-Changed-When: Thu Oct 5 16:28:05 PDT 2000 
State-Changed-Why:  
Patch applied to -current.  Thanks! 


http://www.freebsd.org/cgi/query-pr.cgi?pr=21729 
>Unformatted:
