Subject: Re: CVS commit: src/sys/secmodel/bsd44
To: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 10/12/2006 11:16:43
YAMAMOTO Takashi wrote:
> what's the semantics of it? "can access any disks"?
Well, I was thinking the semantics should be the "worse case" because we
don't really know anything more than that raw disk access was required
and the access modes -- we can't tell if it's mounted or not, etc.
So right now it assumes that raw read access is always permitted and
that for raw disk writes you must be in securelevel 0 or less. Of course
that's not set in stone and is subject to change...
-e.
--
Elad Efrat