Subject: Re: CVS commit: src/sys/kern
To: YAMAMOTO Takashi <firstname.lastname@example.org>
From: Elad Efrat <elad@NetBSD.org>
Date: 09/11/2006 12:52:14
YAMAMOTO Takashi wrote:
>>> to avoid making existing code insecure when introducing new scopes.
>> Let's say we introduced a new scope. Can you think of any situation
>> where we would dispatch authorization requests on this scope without
>> also adding some listeners?
> 3rd party listeners.
That's exactly what this was for: if we *don't* have it, you create
a situation where, if the listeners are loaded via LKM during boot-time,
their *loading* will be denied because the default rule says "no
listeners, always deny". That's *exactly* why it needs to be
> i don't think it is a good reason to make it per-scope.
How is the code I did "per-scope"? it's in kauth_authorize_action().
> - i don't think it's so relevant.
> - i don't think IPFILTER_DEFAULT_BLOCK option is a great idea.
> - iirc, ipfilter has a global knob to enable it.
> it's basically what i suggested here.
Again, isn't this what I was saying..?