Date: Mon, 12 Feb 2001 11:26:04 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: Peter Wemm <peter@netplex.com.au> Cc: Warner Losh <imp@harmony.village.org>, Peter Pentchev <roam@orbitel.bg>, Dag-Erling Smorgrav <des@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/vm vm_zone.c vm_zone.h Message-ID: <Pine.NEB.3.96L.1010212112307.87908P-100000@fledge.watson.org> In-Reply-To: <200102121614.f1CGEhU51322@mobile.wemm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Feb 2001, Peter Wemm wrote: > Warner Losh wrote: > > In message <Pine.NEB.3.96L.1010122142028.19966D-100000@fledge.watson.org> Rob > ert Watson writes: > > : appreciated. (this will also make it easier for portable kernel > > : monitoring tools to be written, and allow graphical monitoring tools to > > : run with less privilege). > > > > And generally make for a happier security officer team :-) > > And an unhappier team of people dealing with kernel crashdumps. :-( > > All this sysctl stuff is fine, but dont kill the crashdump reading code! > If -M or -N are specified then use the old way (and require root to be > running it). Without -M or -N, use sysctl. All patches submitted on the freebsd-audit mailing list to remove setgid from top, systat, dmesg, etc, have maintained backwards compatibility by using kmem when the -M or -N argument is provided, permitting them to continue to work on system dumps -- and even on /dev/kmem, it just requires that you run them as root now, since they won't be setgid kmem. If you have a few minutes and want to verify that the new versions will continue to work properly for you, and that you think they're implemented right, the archives of -audit contain a number of relevant posts by Thomas Moestl <tmoestl@gmx.net>. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010212112307.87908P-100000>