From owner-freebsd-hackers@FreeBSD.ORG  Wed Mar 30 19:27:42 2005
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3058416A4CE
	for <freebsd-hackers@freebsd.org>;
	Wed, 30 Mar 2005 19:27:42 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.198])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 747C943D2F
	for <freebsd-hackers@freebsd.org>;
	Wed, 30 Mar 2005 19:27:41 +0000 (GMT)
	(envelope-from aaron.glenn@gmail.com)
Received: by rproxy.gmail.com with SMTP id a41so190830rng
	for <freebsd-hackers@freebsd.org>;
	Wed, 30 Mar 2005 11:27:41 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references;
	b=TiKElLHnknZFvNJ05sLCZcz6PccoKthV/w8Ispzo9CQta68UK+3ZqT1+ek1pg/67Y1TDDkoZlB/QcaPppcDgFVM1l0FbchYW9XT2Y2EPgewqkXSezYk4OBaJnGAK0Gb4J9RC03cZARhRuSRRQpOdBpdF41WTVGXiW+745/7Bshk=
Received: by 10.38.87.21 with SMTP id k21mr720029rnb;
        Wed, 30 Mar 2005 11:27:39 -0800 (PST)
Received: by 10.38.151.34 with HTTP; Wed, 30 Mar 2005 11:27:36 -0800 (PST)
Message-ID: <18f6019405033011277d9443a7@mail.gmail.com>
Date: Wed, 30 Mar 2005 11:27:36 -0800
From: Aaron Glenn <aaron.glenn@gmail.com>
To: freebsd-hackers@freebsd.org
In-Reply-To: <63519.81.84.174.37.1112202413.squirrel@mail.revolutionsp.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
References: <61910.81.84.174.37.1112123946.squirrel@mail.revolutionsp.com>
	 <20050329213528.59dab2e2.flynn@energyhq.es.eu.org>
	 <62208.81.84.174.37.1112130745.squirrel@mail.revolutionsp.com>
	 <20050329193558.L33759@eleanor.us1.wmi.uvac.net>
	 <63511.81.84.174.37.1112202327.squirrel@mail.revolutionsp.com>
	 <63519.81.84.174.37.1112202413.squirrel@mail.revolutionsp.com>
Subject: Re: A few thoughts..
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Aaron Glenn <aaron.glenn@gmail.com>
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2005 19:27:42 -0000

On Wed, 30 Mar 2005 11:06:53 -0600 (CST), H. S.
<security@revolutionsp.com> wrote:
> As I stated previously, I'm not much of a C programmer, but I can do some
> coding. I've been thinking into changing the core of the system a bit to
> return errors if some information is accessed by a normal user. I'd like
> to know if getuid() would work that deep in the system? And how can I
> register sysctl mibs in the kernel ?

Let me chime in with A single thought of my own: isn't this scenario a
textbook use-case for the hard work Robert Watson did with MAC? I
haven't kept up with 5.x's latest features in a while...

aaron.glenn