Subject: Re: simple tpe implementation
To: Elad Efrat <elad@NetBSD.org>
From: Perry E. Metzger <firstname.lastname@example.org>
Date: 02/01/2007 18:14:08
Elad Efrat <elad@NetBSD.org> writes:
> attached is a very simple patch that adds a "security.tpe" sysctl node
> to control a tpe (or, trusted path execution) feature.
Wish list: it would be cool if someday this could be turned on/off on
a per process basis somehow. I'd love to have things like
chrooted/unprived daemons running with this on for themselves and
their children, even if other processes are "normal". NOTE: This
doesn't mean I don't favor committing this now.