Subject: Re: cloning loopback and security [was Re: CVS commit: src/sys ]
To: James Chacon <>
From: Jonathan Stone <>
List: tech-kern
Date: 12/09/2004 13:35:21
In message <>James Chacon writes
>On Thu, Dec 09, 2004 at 01:05:30PM -0800, Jonathan Stone wrote:

>> Except if you ever want to upgrade, then you may need to lower
>> securelevel. That can get ... exceedingly tricky.
>But you can't lower security level today. If you wanna upgrade it, reboot
>and leave it at a lower security level (i.e. boot from cdrom if need be).
>Obviously nothing we do can solve the physical access problem.

Correct. That's one reason I'm asking for config-time options, too.
And (exactly as for devfs) I'm willing to jump through quite difficult
hoops to get them.  All I ask is that they're available, (even at some
pain) to those who decide they need them.  I'm currently willing to
help do the work and do ongoing testing, too.