Andrew Brown wrote:

> part of the security sysctl mib would have to be a knob that sets the
> entire sysctl mib into read-only mode as well.

I would suspect that the entire security mib would be governed by the
same rules as the existing kern.securelevel sysctl.  This should be
debated on either tech-kern or tech-security and not port-sparc and
netbsd-help :-)

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/