Re: CVS commit: src/sys/uvm

To: M.Drochner%fz-juelich.de@localhost
Subject: Re: CVS commit: src/sys/uvm
From: Elad Efrat <elad%NetBSD.org@localhost>
Date: Fri, 19 Feb 2010 10:14:43 -0500

Hi,

On Fri, Feb 19, 2010 at 6:37 AM, Matthias Drochner
<M.Drochner%fz-juelich.de@localhost> wrote:
>
> elad%NetBSD.org@localhost said:
>> > (cannot be cleared at securelevel>0)
>> I was wondering how you achieved that without modifying any of the
>> secmodel code itself
>
> Well, that's the problem with kauth: If it needs code changes
> for each simple check added in other parts of the kernel, it
> twarts modularity and extensibility.
> There is some abstaction missing.

lol,

>> Who's going to take care of that XXX referring to the use of an
>> undocumented action, meant to be used only in file-systems?
>
> I did circulate the patch a couple of days ago and raised
> exactly that question. You should have read it.
> (The semantics of the CHSYSFLAGS check is actually similar
> to the va0_disable one: It basically means: you are not
> allowed to weaken security related mechanisms at seclevel>0.)

rofl.

take care,

-e.

Follow-Ups:
- Re: CVS commit: src/sys/uvm
  - From: Adam Hoka

References:
- Re: CVS commit: src/sys/uvm
  - From: Elad Efrat
- Re: CVS commit: src/sys/uvm
  - From: Matthias Drochner

Prev by Date: Re: CVS commit: src/sys/uvm
Next by Date: Re: CVS commit: src/sys/uvm
Previous by Thread: Re: CVS commit: src/sys/uvm
Next by Thread: Re: CVS commit: src/sys/uvm
Indexes:

Home | Main Index | Thread Index | Old Index