From owner-freebsd-hackers  Sat Aug 10 11:46:41 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA14163
          for hackers-outgoing; Sat, 10 Aug 1996 11:46:41 -0700 (PDT)
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA14158
          for <freebsd-hackers@freebsd.org>; Sat, 10 Aug 1996 11:46:38 -0700 (PDT)
Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id UAA06232 for <freebsd-hackers@freebsd.org>; Sat, 10 Aug 1996 20:46:36 +0200
Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id UAA14199 for freebsd-hackers@freebsd.org; Sat, 10 Aug 1996 20:46:36 +0200
Received: (from j@localhost) by uriah.heep.sax.de (8.7.5/8.6.9) id UAA02327 for freebsd-hackers@freebsd.org; Sat, 10 Aug 1996 20:37:38 +0200 (MET DST)
From: J Wunsch <j@uriah.heep.sax.de>
Message-Id: <199608101837.UAA02327@uriah.heep.sax.de>
Subject: Re: kern_mib.c:int securelevel = -1;
To: freebsd-hackers@freebsd.org (FreeBSD hackers)
Date: Sat, 10 Aug 1996 20:37:38 +0200 (MET DST)
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
In-Reply-To: <199608101631.CAA03169@godzilla.zeta.org.au> from Bruce Evans at "Aug 11, 96 02:31:19 am"
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E 
X-Mailer: ELM [version 2.4ME+ PL17 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

As Bruce Evans wrote:

> >...and make it a default option.  Otherwise, people with typical
> >workstations running Xservers will jump at us.  The comment in LINT
> >and GENERIC _must_ mention this, or the amount of support replies we
> >have to send out will increase drastically.
> 
> Have you tried it? :-)  X works fine even at securelevel 2.

I haven't tried it, but i think at doesn't work if you've got a
graphics device where the Xserver wants to access the linear
framebuffer via /dev/mem.  At least, i remember vaguely the term
``NetBSD aperture driver'' and the stated reason that this was
intended to be a backdoor in order to circumvent the /dev/mem
problem.

Plain (banked) VGA probably works, since it only needs to mmap() the
standard frame buffer where syscons or pcvt do already know about its
location.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)