Date: Tue, 19 Oct 1999 14:27:48 +1000 From: Peter Jeremy <jeremyp@gsmx07.alcatel.com.au> To: freebsd-arch@freebsd.org Subject: Re: kern.securelevel and X Message-ID: <99Oct19.142341est.40352@border.alcanet.com.au> In-Reply-To: <xzp90503esj.fsf@flood.ping.uio.no> References: <Pine.LNX.4.05.9910150036170.5339-100000@jason.argos.org> <14343.23571.679909.243732@blm30.IRO.UMontreal.CA> <19991017012750.A812@fever.semiotek.com> <380A1E2C.CCA326F5@gorean.org> <19991018024704.A512@semiotek.com> <xzpyad12jd7.fsf@flood.ping.uio.no> <19991018043039.B1711@semiotek.com> <xzpso392gj0.fsf@flood.ping.uio.no> <19991018142633.D1DDB1DA3@bone.nectar.com> <xzp90503esj.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1999-Oct-19 00:49:00 +1000, Dag-Erling Smorgrav wrote: >What EE suggested was to define a new SYSCTL macro to make defining >new security sysctls trivial. You'd do something like this: > >static int sec_syscall_mount = 1; >SYSCTL_SECURITY(mount, &sec_syscall_mount, "Allow mounting filesystems"); The disadvantage of this approach is kernel bloat: Each sysctl adds around 50 bytes of data overhead on an i386 (and about twice this on an Alpha). A single bitmap (which could still be a sysctl) of allowed syscalls would be substantially smaller and allow most of the permission checking inside trap.c:syscall(). (I agree that the userland would be more complex, but that isn't permanently resident). Peter -- Peter Jeremy (VK2PJ) peter.jeremy@alcatel.com.au Alcatel Australia Limited 41 Mandible St Phone: +61 2 9690 5019 ALEXANDRIA NSW 2015 Fax: +61 2 9690 5982 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99Oct19.142341est.40352>