Subject: Re: Privilege Elevation with systrace
To: Julio Merino <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 10/11/2002 18:28:51
>> or allow an application to read /dev/kmem
>> netbsd-fsread: filename "/dev/kmem" then permit as :kmem
>So, this means that we do not need `aperture' any longer to run XFree86
>with a non-INSECURE kernel ?
"read". not "write".
x still needs to write to /dev/mem in order to work, and that's still
not allowed even for root at securelevels higher than 0.
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."