From owner-freebsd-hackers  Thu Aug  8 02:20:10 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id CAA25313
          for hackers-outgoing; Thu, 8 Aug 1996 02:20:10 -0700 (PDT)
Received: from parkplace.cet.co.jp (parkplace.cet.co.jp [202.32.64.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id CAA25308
          for <Hackers@FreeBSD.org>; Thu, 8 Aug 1996 02:20:07 -0700 (PDT)
Received: from localhost (michaelh@localhost) by parkplace.cet.co.jp (8.7.5/CET-v2.1) with SMTP id JAA13452; Thu, 8 Aug 1996 09:19:55 GMT
Date: Thu, 8 Aug 1996 18:19:55 +0900 (JST)
From: Michael Hancock <michaelh@cet.co.jp>
To: Bruce Evans <bde@zeta.org.au>
cc: Hackers@FreeBSD.org, jds@TracerTech.COM
Subject: Re: kern_mib.c:int securelevel = -1;
In-Reply-To: <199608080849.SAA28939@godzilla.zeta.org.au>
Message-ID: <Pine.SV4.3.93.960808181709.13423A-100000@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 8 Aug 1996, Bruce Evans wrote:

> >BSD/OS and NetBSD are using options INSECURE to switch this feature on and
> >off.  I'd also like to have this switch so I don't have to keep patching
> >kern_mib.c when I build kernels that use this feature.
> 
> >If there are "mile wide" holes in the securelevel stuff we can state that
> >the feature is experimental in the man pages.  I still would like to have
> >the INSECURE switch added.  Just make it the default in the GENERIC kernel
> >so it doesn't change the current default behavior.
> 
> The default should not require any options.  The new option could be named
> A_LITTLE_BIT_SECURE.

As people patch up holes we can rename it to A_LITTLE_BIT_MORE_SECURE. ;-)


Mike Hancock