Subject: Re: Integrating securelevel and kauth(9)
To: Martin S. Weber <>
From: Elad Efrat <>
List: tech-security
Date: 03/24/2006 23:30:44
Martin S. Weber wrote:

> There are only going to be 32 (64?) capabilities ever ?

Because the part that does the binary-AND is internal to kauth(9), we
are not bound to an ABI with how we choose to implement these knobs.

However, I've already done a list of securelevel impacts by looking at
kernel references to it, and we will be more than safe for quite a while
with a uint32_t; a uint64_t will give us enough room for expanding. So,
for *now* you have nothing to worry about. :)


Elad Efrat