[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Silly question about ktrace(1) and non-root users
On Tue, Jun 21, 2011 at 07:55:37AM +0100, David Laight wrote:
> On Mon, Jun 20, 2011 at 04:29:05PM -0700, Brian Buhrow wrote:
> > For reference, I used the ktrcanset() function from kern_ktrace.c from
> > NetBSD-3.0 sources because it was easier to read than following the chain
> > of layers down through the secmodel infrastructure and finding where
> > exactly the permission is denied in that machinery.
> mmmm security through obscurity ...
For what it's worth, I find reading the secmodel code very easy. Much
easier than reading the tangled logic around every open coded
permission check that used to be in the tree.
Thor Lancelot Simon tls%panix.com@localhost
"All of my opinions are consistent, but I cannot present them all
at once." -Jean-Jacques Rousseau, On The Social Contract
Main Index |
Thread Index |