Maxime Villard writes: > > the broken kvm tools > > which ones?
fstat for a start. > > this level of security > > None of Linux, Windows, MacOS and more accept to leak pointers; it is not > a high level, it is a basic level. > > And no, this change shouldn't stay as-is. It shouldn't be hard to open > new sysctls that don't leak stuff. All of that was already discussed. i don't care what other platforms do -- i care about netbsd not breaking basic functionality. you did that, and christos commited my fix to unbreak it. you're entirely welcome to fix this properly, but you are not welcome to break every platform's. fix the sysctls *THEN* enable the security. you've broken my ability to debug problems on systems i am not the admin on, and i've multiple times failed to diagnose a problem because fstat did not work. .mrg.