Subject: Re: CVS commit: src/sys/kern
To: None <>
From: YAMAMOTO Takashi <>
List: tech-kern
Date: 09/10/2006 20:46:20
[ moved from source-changes@ ]

> Module Name:	src
> Committed By:	elad
> Date:		Sat Sep  2 20:10:24 UTC 2006
> Modified Files:
> 	src/sys/kern: kern_auth.c
> Log Message:
> Short-circuit calls to kauth_authorize_action() for a scope withtout any
> listeners to always return "allow".
> The idea is that it's not entirely unlikely that some vendors, or users,
> will decide to load the security model as an LKM, and that can only
> happen after at least mounting local file-systems. If we would not have
> this fast-path, all authorization requests would be denied.
> okay christos@
> To generate a diff of this commit:
> cvs rdiff -r1.17 -r1.18 src/sys/kern/kern_auth.c
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.

does it mean that an introduction of a new scope will automatically
make existing secmodels insecure?
i'm not sure if it's a good idea.