Martin S. Weber wrote:

> There are only going to be 32 (64?) capabilities ever ?

Because the part that does the binary-AND is internal to kauth(9), we
are not bound to an ABI with how we choose to implement these knobs.

However, I've already done a list of securelevel impacts by looking at
kernel references to it, and we will be more than safe for quite a while
with a uint32_t; a uint64_t will give us enough room for expanding. So,
for *now* you have nothing to worry about. :)

-e.

-- 
Elad Efrat