Date: Sat, 16 Mar 2002 20:48:19 +0100 From: "Rogier R. Mulhuijzen" <drwilco@drwilco.net> To: Robert Watson <rwatson@FreeBSD.ORG>, Jeff Jirsa <jjirsa@hmc.edu> Cc: freebsd-hackers@FreeBSD.ORG, arr@FreeBSD.ORG Subject: Re: logging securelevel violations Message-ID: <5.1.0.14.0.20020316204406.01c3bcb0@mail.drwilco.net> In-Reply-To: <Pine.NEB.3.96L.1020316091906.13304R-100000@fledge.watson.o rg> References: <002001c1c936$c25ff4d0$5e3bad86@boredom>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:23 16-3-2002 -0500, Robert Watson wrote:
> Second, these
>warnings would be generated during normal operations, as a number of
>applications attempt to load kernel modules when they need them, including
>ppp. Generating spurious warnings as part of normal system activity isn't
>necessarily a useful activity, and tends to result in more calls for help
>on questions@.
I don't know. Today I had someone who had trouble installing a new kernel.
I asked him what secure level he used and he didn't know. Turned out he had
selected the SECURE profile in the installer and had securelevel 2. If the
kernel had spewed a message at him saying something like "Cannot remove
file with current securelevel" or likewise he would have been able to
figure it out on his own.
When you try to write to a file and normal file permissions deny you this
action don't you get a "permission denied"? It's just an error message
informing the user something can't be done because of a specific reason.
If a user can't load kernel modules that he needs for ppp, wouldn't you
rather have him ask "I get this message about securelevel when I try to use
ppp and it doesn't work" instead of "ppp doesn't work and I don't know why"?
Doc
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020316204406.01c3bcb0>