tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Secmodel_bsd44: default to "defer", not "deny"?

To: tech-kern%netbsd.org@localhost
Subject: Re: Secmodel_bsd44: default to "defer", not "deny"?
From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
Date: Tue, 26 Feb 2008 12:38:33 +0100

On Sun, Feb 24, 2008 at 09:34:27PM +0200, Elad Efrat wrote:
> Now I'm thinking, though, that this might not be necessary. To get code
> in the kernel (conventionally) you'd have to either write to /dev/kmem
> or load a module.

We might require a signature for modules at a later time. In that case
the module itself would be ~trusted.

Joerg

References:
- Secmodel_bsd44: default to "defer", not "deny"?
  - From: Elad Efrat

Prev by Date: Re: DRM and VIA Chipset
Next by Date: Re: dtime_t
Previous by Thread: Re: Secmodel_bsd44: default to "defer", not "deny"?
Next by Thread: uiomove(9) man page not in sync with reality in netbsd-4 branch
Indexes:

Home | Main Index | Thread Index | Old Index