On Wed, Jan 16, 2002 at 12:06:31PM -0800, Alfred Perlstein wrote:
> * Greywolf <greywolf@starwolf.com> [020116 12:05] wrote:
> > My two cents:
> > 
> > disklabel(8) should not be allowing modifications of mounted filesystems
> > (by checking at write time).  At least not without sufficient warnings
> > that will drive off someone with a shadow of a doubt as to what they
> > are doing.
> 
> That makes sense.

Yes, but for it to actually be enforced in a meaningful way (which it
needs to be, even at securelevel 1, or the rest of the securelevel
framework is inconsistent) disklabel writing needs to be moved entirely
into the kernel.  This has been discussed over and over, but nobody
(myself included) has stepped up to do the fairly small amount of work.

-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud