From owner-freebsd-hackers Sun Apr 27 12:59:10 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id MAA26023 for hackers-outgoing; Sun, 27 Apr 1997 12:59:10 -0700 (PDT) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.50]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id MAA26018 for ; Sun, 27 Apr 1997 12:59:08 -0700 (PDT) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id MAA09122; Sun, 27 Apr 1997 12:53:07 -0700 From: Terry Lambert Message-Id: <199704271953.MAA09122@phaeton.artisoft.com> Subject: Re: sysctl -A To: eivind@nic.follonett.no (Eivind Eklund) Date: Sun, 27 Apr 1997 12:53:06 -0700 (MST) Cc: joerg_wunsch@uriah.heep.sax.de, hackers@freebsd.org In-Reply-To: <199704271447.QAA08219@nic.follonett.no> from "Eivind Eklund" at Apr 27, 97 04:47:45 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > If the filesystem flags (immutable etc) is pulled along far enough into the > kernel, it might be possible to do this by adding a separate flag indicating > that the executable in question is allowed to do hardware access. > It would of course need to be unchangable on securelevel > 0, and require the > immutable flag for the executable. > > Also, it is quite a hack, and I don't think I'd consider the ugliness > worthwhile. However, if this _really_ is a priority, it might be an > option. Heh. And we would put a file containing this attribute data in a subdirectory of /etc/... Heh. You've invented SVR4 flags for "this binary can get a reserved port", etc.. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.