Subject: configurable disabling of kernel functions
To: None <tech-kern@netbsd.org>
From: Simon Burge <simonb@netbsd.org>
List: tech-kern
Date: 06/15/2000 10:08:36
Un-fleshed out random idea time...

What if we had a mechanism that could disable certain kernel functions
from userland?  Obvious choices initially would be system calls,
filesystems and possibly sysctl nodes.  A case in point was the recent
semconfig problem, where we ended up making semconfig a dummy system
call, but people still needed to recompile kernels - sometimes it's not
convenient to do this right away for a number of reasons (kernel source
not at hand, long running simulation nearly finished, ra ra ra).  I
haven't thought too much about what the interface would be like, but something
like:

	sysctl -w security.syscall.semconfig = 0
	sysctl -w security.vfs.union = 0

or

	sysconfig(XXX_SYSCALL, SYS_semconfig, DISABLE);
	sysconfig(XXX_FILESYSTEM, VT_UNION, DISABLE);

comes to mind (but with better names!).  We could even have an /etc/rc.d
script set some of these up on boot by parsing a /etc/system type file :)

Seriously, is this worth taking further?

Simon.
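The mechanism sketched in the post, modelled in user space as an added example that is not part of the original message or of NetBSD's code: a syscall dispatch table with a per-entry disable bit, a privileged `sysconfig`-style toggle, and a dispatch path in which a disabled entry behaves exactly like a syscall that was never compiled in (the caller sees ENOSYS, which is what the dummy semconfig achieved by a kernel rebuild). All names here (`sysconfig_model`, `dispatch_model`, `SYSCFG_*`, `SYS_MODEL_*`) are assumptions for the illustration, not real interfaces.

```c
/* Added example: user-space model of a per-syscall enable/disable table.
 * Everything here is constructed; nothing is NetBSD's real syscall layer. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NSYSCALLS 8

/* Constructed stand-ins for real syscall numbers. */
enum { SYS_MODEL_read = 0, SYS_MODEL_write = 1, SYS_MODEL_semconfig = 2 };

typedef int (*syscall_fn)(void);

static int model_read(void)      { return 0; }
static int model_write(void)     { return 0; }
static int model_semconfig(void) { return 0; }

/* Dispatch table: unimplemented numbers are left NULL. */
static syscall_fn syscall_table[NSYSCALLS] = {
    [SYS_MODEL_read]      = model_read,
    [SYS_MODEL_write]     = model_write,
    [SYS_MODEL_semconfig] = model_semconfig,
};

/* One bit per syscall; a set bit means "disabled".  This is the state the
 * proposed sysctl node or sysconfig(2) call would flip at runtime. */
static uint8_t disabled_bits[(NSYSCALLS + 7) / 8];

static int is_disabled(int num)
{
    return (disabled_bits[num / 8] >> (num % 8)) & 1;
}

enum { SYSCFG_ENABLE = 0, SYSCFG_DISABLE = 1 };

/* Model of the proposed toggle: only a privileged caller may change the
 * table, and only numbers that are actually implemented can be toggled. */
int sysconfig_model(int num, int action, int caller_is_root)
{
    if (!caller_is_root)
        return -EPERM;
    if (num < 0 || num >= NSYSCALLS || syscall_table[num] == NULL)
        return -EINVAL;
    if (action == SYSCFG_DISABLE)
        disabled_bits[num / 8] |= (uint8_t)(1u << (num % 8));
    else if (action == SYSCFG_ENABLE)
        disabled_bits[num / 8] &= (uint8_t)~(1u << (num % 8));
    else
        return -EINVAL;
    return 0;
}

/* Model of the syscall dispatch path.  A disabled entry is indistinguishable
 * from one that was never compiled in: the caller gets ENOSYS either way. */
int dispatch_model(int num)
{
    if (num < 0 || num >= NSYSCALLS || syscall_table[num] == NULL)
        return -ENOSYS;
    if (is_disabled(num))
        return -ENOSYS;
    return syscall_table[num]();
}

int main(void)
{
    printf("semconfig before:    %d\n", dispatch_model(SYS_MODEL_semconfig));
    printf("disable as non-root: %d (EPERM=%d)\n",
           sysconfig_model(SYS_MODEL_semconfig, SYSCFG_DISABLE, 0), -EPERM);
    printf("disable as root:     %d\n",
           sysconfig_model(SYS_MODEL_semconfig, SYSCFG_DISABLE, 1));
    printf("semconfig after:     %d (ENOSYS=%d)\n",
           dispatch_model(SYS_MODEL_semconfig), -ENOSYS);
    printf("read still works:    %d\n", dispatch_model(SYS_MODEL_read));
    return 0;
}
```

The two checks in `sysconfig_model` are the part worth keeping in mind if the idea goes further: the toggle is itself a privileged interface, and refusing to mark unimplemented numbers means the disable table can never be used to hide a slot that does not exist.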