From owner-freebsd-hackers Sat Dec 12 12:06:58 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id MAA22694
        for freebsd-hackers-outgoing; Sat, 12 Dec 1998 12:06:58 -0800 (PST)
        (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA22688
        for ; Sat, 12 Dec 1998 12:06:57 -0800 (PST)
        (envelope-from jdp@polstra.com)
Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13])
        by wall.polstra.com (8.9.1/8.9.1) with ESMTP id MAA19479;
        Sat, 12 Dec 1998 12:06:55 -0800 (PST)
        (envelope-from jdp@polstra.com)
From: John Polstra
Received: (from jdp@localhost)
        by vashon.polstra.com (8.9.1/8.9.1) id MAA11452;
        Sat, 12 Dec 1998 12:06:55 -0800 (PST)
        (envelope-from jdp@polstra.com)
Date: Sat, 12 Dec 1998 12:06:55 -0800 (PST)
Message-Id: <199812122006.MAA11452@vashon.polstra.com>
To: eivind@yes.no
Subject: Re: restricting sysctl -w when securelevel > 0
Newsgroups: polstra.freebsd.hackers
In-Reply-To: <19981212151814.S5444@follo.net>
References: <199812120642.WAA21633@salsa.gv.tsc.tdk.com>
Organization: Polstra & Co., Seattle, WA
Cc: hackers@FreeBSD.ORG
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <19981212151814.S5444@follo.net>,
Eivind Eklund wrote:
> On Fri, Dec 11, 1998 at 10:42:25PM -0800, Don Lewis wrote:
> >
> > I want to add some security related sysctl knobs and I don't want them
> > to be changeable when securelevel > 0. Rather than using SYSCTL_PROC
> > and defining several very similar handlers, I think it would be better to
> > add a generic way of limiting write access when securelevel > 0.
> >
> > Comments?
>
> I like this concept.

Me too.

John
--
John Polstra jdp@polstra.com
John D. Polstra & Co., Inc. Seattle, Washington USA
"Nobody ever went broke underestimating the taste of the American public."
-- H. L. Mencken

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message