Subject: CVS commit: src
To: None <source-changes@NetBSD.org>
From: Elad Efrat <elad@netbsd.org>
List: source-changes
Date: 11/21/2007 22:49:09
Module Name:	src
Committed By:	elad
Date:		Wed Nov 21 22:49:09 UTC 2007

Modified Files:
	src/distrib/sets/lists/comp: mi
	src/share/man/man9: Makefile secmodel_bsd44.9
	src/sys/lkm/kauth/secmodel_bsd44: secmodel_bsd44_lkminit.c
	src/sys/secmodel: files.secmodel
	src/sys/secmodel/bsd44: files.bsd44 secmodel_bsd44.c
	    secmodel_bsd44_logic.c
Added Files:
	src/share/man/man9: secmodel_securelevel.9
	src/sys/secmodel/securelevel: files.securelevel secmodel_securelevel.c
	    securelevel.h
Removed Files:
	src/sys/secmodel/bsd44: secmodel_bsd44_securelevel.c securelevel.h

Log Message:
Make securelevel a "secmodel" of its own.

While it's true that it's part of the traditional 4.4BSD security model,
there may come a time where a different "primary" security model used for
fine-grained privileges (ie., splitting root's responsibilities to various
privileges that can be assigned) may want to still have a securelevel
setting.

Idea from Daniel Carosone:

  http://mail-index.netbsd.org/tech-security/2006/08/25/0001.html

The location of the removed files, for reference, was:

  src/secmodel/bsd44/secmodel_bsd44_securelevel.c
  src/secmodel/bsd44/securelevel.h


To generate a diff of this commit:
cvs rdiff -r1.1090 -r1.1091 src/distrib/sets/lists/comp/mi
cvs rdiff -r1.252 -r1.253 src/share/man/man9/Makefile
cvs rdiff -r1.10 -r1.11 src/share/man/man9/secmodel_bsd44.9
cvs rdiff -r0 -r1.1 src/share/man/man9/secmodel_securelevel.9
cvs rdiff -r1.1 -r1.2 \
    src/sys/lkm/kauth/secmodel_bsd44/secmodel_bsd44_lkminit.c
cvs rdiff -r1.1 -r1.2 src/sys/secmodel/files.secmodel
cvs rdiff -r1.1 -r1.2 src/sys/secmodel/bsd44/files.bsd44
cvs rdiff -r1.10 -r1.11 src/sys/secmodel/bsd44/secmodel_bsd44.c
cvs rdiff -r1.3 -r1.4 src/sys/secmodel/bsd44/secmodel_bsd44_logic.c
cvs rdiff -r1.30 -r0 src/sys/secmodel/bsd44/secmodel_bsd44_securelevel.c
cvs rdiff -r1.5 -r0 src/sys/secmodel/bsd44/securelevel.h
cvs rdiff -r0 -r1.1 src/sys/secmodel/securelevel/files.securelevel \
    src/sys/secmodel/securelevel/secmodel_securelevel.c \
    src/sys/secmodel/securelevel/securelevel.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.