Garrett D'Amore wrote:

> These checks maybe should be enabled by yet another sysctl, in case some
> site has some special reason not to enforce them.

It seems like this is getting way too bloated. The original request was
for a knob to be used on development machines; I'm not sure who would
want to enable such a feature on a production box.

The suggestion of setting a directory and owner via sysctl seems enough
for me; root should take care of anything around it.

-e.

-- 
Elad Efrat