Securelevel doesn't affect mount at all, so ro filesystem can be remounted to rw or unmounted in any securelevel.
It will be very convenient if mount -uw and unmount can be forbidden in higher (>=2) securelevels. With that it will be possible to protect the whole system by just read-only mount without dealing with immutable flags.
Fix: Somebody may want to be still able to mount/unmount/update in any secure level, so IMHO it would be the best if we can mark particular mount as protected/locked. To do that new mount option can be added.
Initial patch attached.
- code review/check (I'm not an FreeBSD expert/developer)
- decide if securelevel=1 should be considered
- update manuals (mount(8), mount(2), security(7), any other?)
- update handbook
- "-u -o locked" is not working
- check/implement with other fs'es than ufs2
- implement patch for mount_* commands
Patch attached with submission follows:
How-To-Repeat: mount -o ro /dev/da1 /mnt
mount -uw /mnt
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.
Mail being skipped