Thanks Jason. Of course opening (or doing whatever with) mem, kmem etc. is a security flaw. A fatal flaw. I thought that OpenBSD team has done nice work to achieve a compromise between security and the use of X and it could be done with FreeBSD.
I already have implemented some of MAC's policies (e.g. mac_seeotheruids), and a couple of sysctl's options, but for now, it is implemented for various testing. I have to read a lot more on these topics. :-) Kernel without BPF? OK! But not for now - I need to have DHCP upon startup for some time yet.! :-) Best regards! _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
