Subject: Re: new kpi proposal, sysdisk(9)
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Bill Studenmund <>
List: tech-kern
Date: 12/30/2006 23:27:33
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Dec 30, 2006 at 11:10:37PM -0500, der Mouse wrote:
> > Now, with disklabels, you can load a brand new disklabel into the
> > kernel (I hope it complains, but I am not sure).  But if you can do
> > that, you can do anything.  That door we must close. :-)
> Fine, provided the admin can either open it again or configure things
> to not close it.  I use that capability too much to be comfortable with
> removing it entirely.  (Not often, and mostly when doing things like
> migrating from one disk to another.  But often enough that it would be
> a right royal - even if only occasional - PITA to lsoe it entirely.)

Sorry, yes, this either would be an at-secure-level (or having set a bit=20
in the kauth bit mask replacing securelevel) thing or there'd be some=20
other knob. Yes, when you're installing, you should be able to do a lot=20
more than you can do in production.

Take care,


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.3 (NetBSD)