From owner-freebsd-hackers Sat Dec 12 06:18:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA28164 for freebsd-hackers-outgoing; Sat, 12 Dec 1998 06:18:22 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA28152 for ; Sat, 12 Dec 1998 06:18:16 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id PAA20217; Sat, 12 Dec 1998 15:18:15 +0100 (CET) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id PAA24267; Sat, 12 Dec 1998 15:18:15 +0100 (MET) Message-ID: <19981212151814.S5444@follo.net> Date: Sat, 12 Dec 1998 15:18:14 +0100 From: Eivind Eklund To: Don Lewis , hackers@FreeBSD.ORG Subject: Re: restricting sysctl -w when securelevel > 0 References: <199812120642.WAA21633@salsa.gv.tsc.tdk.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <199812120642.WAA21633@salsa.gv.tsc.tdk.com>; from Don Lewis on Fri, Dec 11, 1998 at 10:42:25PM -0800 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Dec 11, 1998 at 10:42:25PM -0800, Don Lewis wrote: > > I want to add some security related sysctl knobs and I don't want them > to be changeable when securelevel > 0. Rather than using SYSCTL_PROC > and defining several very similar handlers, I think it would be better to > add a generic way of limiting write access when securelevel > 0. > > Comments? I like this concept. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message