Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: None <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 01/25/2006 20:30:40
Thor Lancelot Simon wrote:
> Not from my point of view. From my point of view, we're adding the ability
> for an attacker to harvest sensitive information in a way in which he could
> not harvest it before -- and we're making it possible to turn that on
> without access to the machine's console.
how do you want the securelevel to affect the knob? default disable and
can only be modified in securelevel > 0?