Re: Silly question about ktrace(1) and non-root users

To: Brian Buhrow <buhrow%lothlorien.nfbcal.org@localhost>, der Mouse <mouse%Rodents-Montreal.ORG@localhost>, tech-kern%NetBSD.org@localhost
Subject: Re: Silly question about ktrace(1) and non-root users
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Tue, 21 Jun 2011 09:19:31 -0400

On Tue, Jun 21, 2011 at 07:55:37AM +0100, David Laight wrote:
> On Mon, Jun 20, 2011 at 04:29:05PM -0700, Brian Buhrow wrote:
> 
> > For reference, I used the ktrcanset() function from kern_ktrace.c from
> > NetBSD-3.0 sources because it was easier to read than following the chain
> > of layers down through the secmodel infrastructure and finding where
> > exactly the permission is denied in that machinery.
> 
> mmmm security through obscurity ...

For what it's worth, I find reading the secmodel code very easy.  Much
easier than reading the tangled logic around every open coded
permission check that used to be in the tree.

-- 
Thor Lancelot Simon                                    tls%panix.com@localhost
  "All of my opinions are consistent, but I cannot present them all
   at once."    -Jean-Jacques Rousseau, On The Social Contract

References:
- Re: Silly question about ktrace(1) and non-root users
  - From: Brian Buhrow
- Re: Silly question about ktrace(1) and non-root users
  - From: David Laight

Prev by Date: Re: Silly question about ktrace(1) and non-root users
Next by Date: Re: write alignment matters?
Previous by Thread: Re: Silly question about ktrace(1) and non-root users
Next by Thread: Re: Silly question about ktrace(1) and non-root users
Indexes:

Home | Main Index | Thread Index | Old Index