Date: Sun, 20 Jun 1999 18:42:05 +0100 From: dev.null@funbox.demon.co.uk To: freebsd-security@freebsd.org Subject: Re: proposed secure-level 4 patch Message-ID: <376D27ED.0180@funbox.demon.co.uk>
next in thread | raw e-mail | index | archive | help
Eivind wrote: > I think using securelevel 4 for this is a bad idea. I believe the > right thing to do with securelevels is to start splitting them into a > set of different sysctls, where each individual feature can be turned > off. It is convenient to have a set of sysctls you can use to "turn > off everything" (like securelevel does today). Agreed! Another way of doing that might be to use a bit vector to specify the securelevel. It would be closer in syntax to the current method, and would give the desired flexibility and control over the individual capabilitiies. Thoughts about a bit vector, anyone? Tim -- Tim Jackson (PGP key available) ________________________________________________________________________ please reply to: t i m . j @ f u n b o x . d e m o n . c o . u k To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?376D27ED.0180>