From owner-cvs-all@FreeBSD.ORG  Wed Jul 14 00:38:59 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from green.homeunix.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 0604916A4CE; Wed, 14 Jul 2004 00:38:59 +0000 (GMT)
Received: from green.homeunix.org (green@localhost [127.0.0.1])
	by green.homeunix.org (8.12.11/8.12.11) with ESMTP id i6E0cwiS060021;
	Tue, 13 Jul 2004 20:38:58 -0400 (EDT)
	(envelope-from green@green.homeunix.org)
Received: (from green@localhost)
	by green.homeunix.org (8.12.11/8.12.11/Submit) id i6E0cvQL060020;
	Tue, 13 Jul 2004 20:38:57 -0400 (EDT)
	(envelope-from green)
Date: Tue, 13 Jul 2004 20:38:56 -0400
From: Brian Fundakowski Feldman <green@FreeBSD.org>
To: Colin Percival <colin.percival@wadham.ox.ac.uk>
Message-ID: <20040714003856.GR1626@green.homeunix.org>
References: <25281.1089751843@critter.freebsd.dk>
	<6.1.0.6.1.20040713171800.03d86568@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6.1.0.6.1.20040713171800.03d86568@popserver.sfu.ca>
User-Agent: Mutt/1.5.6i
cc: cvs-src@FreeBSD.org
cc: Poul-Henning Kamp <phk@phk.freebsd.dk>
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
cc: Nate Lawson <nate@root.org>
Subject: Re: cvs commit: src/sbin/kldunload kldunload.8 kldunload.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jul 2004 00:38:59 -0000

On Tue, Jul 13, 2004 at 05:26:16PM -0700, Colin Percival wrote:
> At 13:50 13/07/2004, Poul-Henning Kamp wrote:
> >But I think you miss the point:  This is about giving root the ability
> >to add a "damnit!" after "kldunload foo".
> 
> As a (mostly) side note, this will be useful from the point of view of
> security as well.  When there is a security advisory concerning an
> optional module (compat/linux being the most recent example) it would
> be nice to have a more effective workaround than "well, you can try
> `kldunload linux`, but it probably won't work... if it doesn't work,
> you'll have to reboot the system".

"Well, you can try 'kldunload -f linux', but it probably won't work...
 if it doesn't work, I guess a crash isn't really much worse than a
 reboot."

-- 
Brian Fundakowski Feldman                           \'[ FreeBSD ]''''''''''\
  <> green@FreeBSD.org                               \  The Power to Serve! \
 Opinions expressed are my own.                       \,,,,,,,,,,,,,,,,,,,,,,\