Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: Elad Efrat <elad@NetBSD.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 01/25/2006 14:38:34

On Wed, Jan 25, 2006 at 08:30:40PM +0200, Elad Efrat wrote:
> Thor Lancelot Simon wrote:
> 
> > Not from my point of view.  From my point of view, we're adding the ability
> > for an attacker to harvest sensitive information in a way in which he could
> > not harvest it before -- and we're making it possible to turn that on
> > without access to the machine's console.
> 
> how do you want the securelevel to affect the knob? default disable and
> can only be modified in securelevel > 0?

Default disable, can only be modified at securelevel < 1.  That gives us
the same basic situation we have now, with the convenience of not having
to modify the kernel sources to get cores from setuid programs.

Thor
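
Added example, not part of the message above and not NetBSD kernel code: a standalone C model of the policy described in the reply, where the knob defaults to off and writes to it are refused once securelevel is 1 or higher. All names (sysmodel, set_sugid_coredump, may_dump_core, ...) are hypothetical, and the rule that a running system can raise securelevel but not lower it is modelled in simplified form.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Standalone model of the proposed policy; every name here is hypothetical. */
struct sysmodel {
    int securelevel;    /* simplified: may be raised at runtime, never lowered */
    int sugid_coredump; /* the knob: 0 = set-id processes never dump core */
};

/* Boot-time state: knob disabled by default, securelevel as configured. */
static struct sysmodel sysmodel_boot(int securelevel)
{
    struct sysmodel s = { securelevel, 0 };
    return s;
}

/* Runtime securelevel change by root: raising is allowed, lowering refused. */
static int set_securelevel(struct sysmodel *s, int newlevel)
{
    if (newlevel < s->securelevel)
        return EPERM;
    s->securelevel = newlevel;
    return 0;
}

/* Runtime write to the knob by root: only honoured at securelevel < 1. */
static int set_sugid_coredump(struct sysmodel *s, int value)
{
    if (s->securelevel >= 1)
        return EPERM;
    if (value != 0 && value != 1)
        return EINVAL;
    s->sugid_coredump = value;
    return 0;
}

/* Core dump decision: ordinary processes always, set-id only if knob is on. */
static bool may_dump_core(const struct sysmodel *s, bool is_sugid)
{
    return !is_sugid || s->sugid_coredump != 0;
}

int main(void)
{
    struct sysmodel s = sysmodel_boot(1); /* machine already at securelevel 1 */
    printf("write=%d lower=%d sugid_core=%d\n", set_sugid_coredump(&s, 1),
           set_securelevel(&s, 0), may_dump_core(&s, true));
    return 0;
}
```

In this model the knob is frozen in whatever state it had when securelevel was raised, so a system that wants it off must not enable it before that point.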