Subject: Re: Getting rid of /dev/veriexec
To: None <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 12/02/2005 11:12:51
> How is having the device counts as a security feature..?

It means it can be granted or hidden per-chroot.  It means it can have
its permissions twiddled (no chmod/chown-alikes for sysctl).  (The
latter is admittedly fairly pointless for veriexec with its explicit
suser, but I think the point is valid more generally.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B