Subject: Re: Getting rid of /dev/veriexec
To: Elad Efrat <>
From: Quentin Garnier <>
List: tech-kern
Date: 12/02/2005 17:04:00
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 02, 2005 at 05:51:09PM +0200, Elad Efrat wrote:
> Jason Thorpe wrote:
> > As you said before, there is really no change to veriexec here except=
> > for "sysctl entry point vs device entry point".  Since both choices  are
> > basically non-optimal, I don't see any real benefit to changing=20
> > veriexec at this time, since you're just trading one ugly solution  for
> > another.
> While there is no change to the end-user here, I *still* think that
> sysctl is a more logical place to have these hooks in.

And I *still* don't see any answer to my post in this thread (and my
comments elsewhere...) about compatibility with previous releases.

What I see here is that you're proposing a cosmetic change at the cost
of breaking compatibility.  I see _very little_ gain in that.

Quentin Garnier - -
"When I find the controls, I'll go where I like, I'll know where I want
to be, but maybe for now I'll stay right here on a silent sea."
KT Tunstall, Silent Sea, Eye to the Telescope, 2004.

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.6 (NetBSD)