Date: Wed, 25 Apr 2001 16:03:56 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Warner Losh <imp@harmony.village.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/conf Makefile.alpha Makefile.i386 Makefile.ia64 Makefile.pc98 Message-ID: <Pine.NEB.3.96L.1010425160211.40560A-100000@fledge.watson.org> In-Reply-To: <200104252000.f3PK04826409@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 25 Apr 2001, Warner Losh wrote: > In message <Pine.NEB.3.96L.1010425101646.34527A-100000@fledge.watson.org> Robert Watson writes: > : Better yet, disable the setting of flags. :-) > > I'd love to do that. Would people support me? It seems to come up every now and then. Frankly, I'd like to see them disabled by default, as they break install onto a variety of non-FFS file systems, in jail(), and cause a lot of POLA. And they offer no real benefit in the default install (arguably you might be able to configure securelevels to do what they claim, but it will require a lot more thank sprinkling noschg on a few kernel modules). Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010425160211.40560A-100000>