Subject: Re: new sysctl - privilaged ports runtime option?
To: Joe Reed <jnr@po.cwru.edu>
From: Greywolf <greywolf@starwolf.com>
List: tech-kern
Date: 08/07/2002 10:47:02
On Wed, 7 Aug 2002, Joe Reed wrote:

# i've added a check such that the sysctl fail with EOPNETSUPP when securelevel
# is >0. i did this by simply checking the value of the integer securelevel.
# is there a better way to check the securelevel value?  or just directly
# referencing the value good enough?
#
# also, to go along with the naming of the kernel option, i've changed the
# sysctl name from reservedports to privports.  the functionality remains the
# same (other than the securelevel check).  does that make sense?

I didn't see the original message; what, exactly, are we aiming for here,
and to what end?

I'd say to check the securelevel, you should get the value from
kern.securelevel (obvious, no?).

If this is doing what I think it's doing, I would say that it should be
active only on securelevels ABOVE (not including) 1.

...were we ever going to investigate securelevel bit flags as opposed to
incremental values?  What became of that...?

				--*greywolf;
--
NetBSD: Get Over It.