• Mike Hibler's avatar
    More tightly connect the notion of a firewall and the security level. · f1206314
    Mike Hibler authored
    If you specify an explicit firewall, you are implicitly assigned security
    level 2 and you cannot explicitly specify the security level.  Likewise,
    if you specify a security level, you cannot also specify a firewall.
    The reason for this is that security level 1 (aka "Blue") now has a slightly
    different meaning.  It is intended for protecting the inside from the outside
    rather than visa-versa.  The only practical implication of this is that for
    level 1, we don't do all the fancy power-off-boot-into-MFS-zapbootblock stuff
    that we do for higher levels.
    Anyway, I wanted to make sure that if you specify your own firewall, you
    DO have to go through the full cleansing swapout since we can't trust a
    firewall that the Average Joe sets up.
firewall.tcl 3.55 KB