Port-i386 archive


Re: Please read if you use x86 -current



On Thu Nov 13 2008 at 16:25:21 -0500, Thor Lancelot Simon wrote:
> On Thu, Nov 13, 2008 at 09:36:03PM +0200, Antti Kantee wrote:
> > On Thu Nov 13 2008 at 14:04:41 -0500, Thor Lancelot Simon wrote:
> > > That's exactly what I am saying!  The current code is broken, and there
> > > are several ways to fix it.  But with the current, broken code for
> > > enforcing the security policy, allowing user space filesystem daemons
> > > (ones that have to access raw disks, anyway) basically voids the
> > > no-persistent-compromise guarantee.
> > 
> > So what you're saying is that NetBSD securelevels<2 are broken because
> > they allow raw disk access.  I don't see anything specific to userspace
> > file servers.
> 
> No, I'm saying that this was intended to work safely at securelevel 1 but
> was implemented wrong.  The point is that userspace fileservers require
> raw disk access and thus can't be used at securelevel 2 (where you get
> the persistent-compromise guarantees), which is very unfortunate.
> 
> The sensible place to put effort is into fixing securelevel 1 disk access
> semantics, it seems to me, not into making userspace fileservers work at
> securelevel 2.

Sounds like a plan.

Now if you'd only said this 57 emails ago ;)

