Subject: Re: kauth, securelevel, and "run levels"
To: Elad Efrat <elad@NetBSD.org>
From: Thor Lancelot Simon <firstname.lastname@example.org>
Date: 03/25/2006 16:52:40
On Sat, Mar 25, 2006 at 09:13:03PM +0200, Elad Efrat wrote:
> Thor Lancelot Simon wrote:
> > 1) We should factor out exactly what operations may allow persistent
> > compromise, and produce a kauth mask that prohibits them. This
> > should correspond to the old "security level 1", plus what should
> > have gone into level 1, but went into level 2 because I was a dumbass.
> Yes, we already talked about that. I gave you a list of implications of
> securelevel (minus a few) so you can factor out the securelevels the way
> you see fit -- did you do that? :)
> I don't mind doing it myself, but simply because I'm sure we'll divide
> the implications differently I prefer you go ahead and do it first.
Sorry -- I do owe you this. I will try to get to it as quickly as I
can. I keep expecting more time to free up for Important NetBSD Tasks;
unfortunately, the rest of my life keeps getting in the way (!).