hi,

>   These requests will be implemented as a new kauth(9) scope, called the
>   "system" scope.

the fact that "access raw memory" and "change firewall rule" are
controlled by securelevel is not a good reason to put them into
a single scope, IMO.
it's better to write listeners to check "securelevel" variable
for appropriate scopes, rather than having a single scope gathering
these random operations.
ie. i think securelevel should be turned into listener(s), not a scope.


btw, it seems that you are proposing two different things in this mail.
	- adapt securelevel to kauth world
	- make securelevel a bitmap

i'm not sure if the latter is a good idea.
why bother to complicate securelevel, while you can just have
another listener to implement finer-grained access control?

YAMAMOTO Takashi