From owner-freebsd-security Mon Dec 3 4:44:44 2001 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 863A937B417 for ; Mon, 3 Dec 2001 04:44:41 -0800 (PST) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id fB3CiOi31256; Mon, 3 Dec 2001 07:44:25 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Mon, 3 Dec 2001 07:44:24 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Alfred Perlstein Cc: Oleg Cherkasov , freebsd-security@freebsd.org Subject: Re: philosophical question... In-Reply-To: <20011203032305.K92148@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 3 Dec 2001, Alfred Perlstein wrote: > * Oleg Cherkasov [011203 03:16] wrote: > > > > Think a new key 'malloc.random' for sysctl could be more useful, protected > > with 'kern.securelevel' > 1. > > However, malloc(3) has nothing to do with the kernel. Yeah, I'm not sure why it would be keyed off of 'securelevel'. Seems to me that we should avoid any more userland cruft being associated unnecessarily with securelevels, actually :-). And if we do stuff this in a securelevel, it sounds like we need a userland. sysctl namespace. More likely, we just need this to be a flag on /etc/malloc.conf. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message