From owner-freebsd-hackers  Sat Mar 16 11:37:18 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from artemis.drwilco.net (diana.drwilco.net [66.48.127.79])
	by hub.freebsd.org (Postfix) with ESMTP
	id DA78637B400; Sat, 16 Mar 2002 11:37:08 -0800 (PST)
Received: from ceres.drwilco.net (docwilco.xs4all.nl [213.84.68.230])
	by artemis.drwilco.net (8.11.6/8.11.6) with ESMTP id g2GJbAV74705
	(using TLSv1/SSLv3 with cipher DES-CBC3-SHA (168 bits) verified NO);
	Sat, 16 Mar 2002 14:37:13 -0500 (EST)
	(envelope-from drwilco@drwilco.net)
Message-Id: <5.1.0.14.0.20020316204406.01c3bcb0@mail.drwilco.net>
X-Sender: lists@mail.drwilco.net
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Sat, 16 Mar 2002 20:48:19 +0100
To: Robert Watson <rwatson@FreeBSD.ORG>, Jeff Jirsa <jjirsa@hmc.edu>
From: "Rogier R. Mulhuijzen" <drwilco@drwilco.net>
Subject: Re: logging securelevel violations
Cc: freebsd-hackers@FreeBSD.ORG, arr@FreeBSD.ORG
In-Reply-To: <Pine.NEB.3.96L.1020316091906.13304R-100000@fledge.watson.o
 rg>
References: <002001c1c936$c25ff4d0$5e3bad86@boredom>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

At 09:23 16-3-2002 -0500, Robert Watson wrote:
>  Second, these
>warnings would be generated during normal operations, as a number of
>applications attempt to load kernel modules when they need them, including
>ppp.  Generating spurious warnings as part of normal system activity isn't
>necessarily a useful activity, and tends to result in more calls for help
>on questions@.

I don't know. Today I had someone who had trouble installing a new kernel. 
I asked him what secure level he used and he didn't know. Turned out he had 
selected the SECURE profile in the installer and had securelevel 2.  If the 
kernel had spewed a message at him saying something like "Cannot remove 
file with current securelevel" or likewise he would have been able to 
figure it out on his own.

When you try to write to a file and normal file permissions deny you this 
action don't you get a "permission denied"? It's just an error message 
informing the user something can't be done because of a specific reason.

If a user can't load kernel modules that he needs for ppp, wouldn't you 
rather have him ask "I get this message about securelevel when I try to use 
ppp and it doesn't work" instead of "ppp doesn't work and I don't know why"?

         Doc


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message