From owner-freebsd-hackers Sun Apr 27 07:50:06 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA14504 for hackers-outgoing; Sun, 27 Apr 1997 07:50:06 -0700 (PDT) Received: from nic.follonett.no (nic.follonett.no [194.198.43.10]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA14499 for ; Sun, 27 Apr 1997 07:50:03 -0700 (PDT) Received: (from eivind@localhost) by nic.follonett.no (8.8.5/8.8.3) id QAA08219; Sun, 27 Apr 1997 16:47:45 +0200 (MET DST) From: Eivind Eklund Message-Id: <199704271447.QAA08219@nic.follonett.no> Subject: Re: sysctl -A To: joerg_wunsch@uriah.heep.sax.de Date: Sun, 27 Apr 1997 16:47:45 +0200 (MET DST) Cc: hackers@freebsd.org In-Reply-To: <19970427091019.YV06768@uriah.heep.sax.de> from J Wunsch at "Apr 27, 97 09:10:19 am" X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Pulling all the dix code from the Xserver into the kernel would be the > technically correct solution, but is out of the question due to the > sheer amount of work required (and due to decentralizing the > maintenance that's currently done in an operating-system independent > way by the XFree86 team). If the filesystem flags (immutable etc) is pulled along far enough into the kernel, it might be possible to do this by adding a separate flag indicating that the executable in question is allowed to do hardware access. It would of course need to be unchangable on securelevel > 0, and require the immutable flag for the executable. Also, it is quite a hack, and I don't think I'd consider the ugliness worthwhile. However, if this _really_ is a priority, it might be an option. Eivind.