Subject: Re: Dividing securelevel implications to kauth(9) scopes
To: None <>
From: YAMAMOTO Takashi <>
List: tech-security
Date: 05/16/2006 09:03:06
> I looked at where securelevel is used in the kernel and summed it up
> to a list. It's available online at:
> The format is very clear and simple: for every securelevel 0, 1, 2
> I listed the implications, and divided them to those that affect the
> "TCB" (or, the original intention of securelevel, as it appears in
> The Design and Implementation of 4.4BSD) and other misc. stuff.
> In square brackets listed the kauth(9) scope I suggest. The new scopes
> suggested are "network", "driver", and "machdep".

i think chflags shouldn't be "generic".

can you propose operations and their arguments as well?
to me, it isn't clear how "driver" scope operations will be, for example.