From owner-freebsd-security Wed Jul 14 1:35:36 1999 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 3FFC214D27 for ; Wed, 14 Jul 1999 01:35:35 -0700 (PDT) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.8.8/8.8.8) with SMTP id EAA20174; Wed, 14 Jul 1999 04:34:01 -0400 (EDT) (envelope-from robert@cyrus.watson.org) Date: Wed, 14 Jul 1999 04:34:01 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: Greg Black Cc: Garrett Wollman , Darren Reed , security@FreeBSD.ORG Subject: Re: Module magic In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I believe only for XiG, but I have not tried it in quite a while. The > best thing to do to test this is to bump up the sysctl, and then see if X > works. Recent posts, of course, suggest that I am wrong and that it applies (for the obvious reasons) to all X servers. However, I have still not tried it :-). I am not sure how BSDI manages the securelevel + X thing. Perhaps they provide a kernel driver for the requisite video card interface, which can on demand provide the i/o port access and memory mapping, but only in such a way that the video card can be accessed. Alternatively, they hacked around it and there are holes in their securelevel implementation. I don't have desktop access to any BSDI machines right now, but once I return to the US, I'll give it a try. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Computing Laboratory at Cambridge University Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message