Date: Tue, 27 Jul 1999 07:37:26 +0200 From: Sheldon Hearn <sheldonh@uunet.co.za> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: hackers@freebsd.org Subject: securelevel too course-grained? Message-ID: <87126.933053846@axl.noc.iafrica.com> In-Reply-To: Your message of "Mon, 26 Jul 1999 20:48:28 MST." <199907270348.UAA49943@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Jul 1999 20:48:28 MST, Matthew Dillon wrote: > Subject: Re: securelevel and ipfw zero > > However, it does not allow you to do it if you are sitting at secure > level 3. You don't think that this discussion highlights the growing inadequacy of the securelevel mechanism's lack of granularity? I have a feeling it'll be time soon enough for us to make each of the decisions that is normally affected by securelevel dependant on the value of sysctl knobs. Presumeably one or more of them would be "write-once" knobs. :-) How much existing software tests for kern.securelevel? And could we make its value dependant on the new knobs? I can't see it being too big a problem. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87126.933053846>