On Fri, Jul 30, 1999 at 05:42:57PM -0600, Warner Losh wrote: > In message <[EMAIL PROTECTED]> "Brian F. >Feldman" writes: > : And how about having > : if (securelevel > 3) > : return (EPERM); > : in bpf_open()? > > There are no security levels > 3. I'd be happy with > 0. This is > consistant with the meaning of "raw devices". I hope you mean "> 1". I often diagnose problems using tcpdump etc., and I don't think bpf should be broken just because someone wants the minor "flags can't be turned off" feature of level 1. It seems to be that disabling bpf is more appropriate for security level 2 and up, if such a thing is desirable. I'm not sure it is. -- Christopher Masto Senior Network Monkey NetMonger Communications [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.netmonger.net Free yourself, free your machine, free the daemon -- http://www.freebsd.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
- Re: So, back on the topic of e... Warner Losh
- Re: So, back on the topic of e... Sergey Babkin
- Re: So, back on the topic of e... Josef Karthauser
- Re: So, back on the topic of enabl... Warner Losh
- Re: So, back on the topic of e... Sergey Babkin
- Re: So, back on the topic of enabl... Bernd Walter
- Re: So, back on the topic of e... Ben Rosengart
- Re: So, back on the topic of e... Bernd Walter
- Re: So, back on the topic of e... Bill Fumerola
- Re: So, back on the topic of e... Warner Losh
- Re: So, back on the topic of enabl... Christopher Masto
- Re: So, back on the topic of enabl... Warner Losh
- Re: So, back on the topic of enabl... Warner Losh
- Re: So, back on the topic of enabling b... Wes Peters
- Re: So, back on the topic of enabling bpf in GE... Warner Losh
- Re: So, back on the topic of enabling bpf in GENERIC... Nate Williams
- Re: So, back on the topic of enabling bpf in GENERIC... Daniel C. Sobral
- Re: So, back on the topic of enabling bpf in GENERIC... Wes Peters
- Re: So, back on the topic of enabling bpf in GENERIC... Peter Jeremy
