Alexander Langer <[EMAIL PROTECTED]> writes:
> The options should be a sysctl, since dhclient might move from inode to
> inode and I don't want to recompile a kernel everytime.
Had to wait till I figure out how to add a new sysctl. :-)
> Also, that should be a list of filesystem:inode pairs, imho, for
> multiple programs.
>
Oh, this one should be easy. If anyone wants this feature, I think I
can implement it. However, I'm told by Valentin Nechayev that I should follow the
mainstream development, so I think maybe I should cvsup to -current
and reimplement.
> OTOH, I don't know if that makes sense, since superuser still can
> compile a new kernel or set the sysctl.
>
Nothing can be saved if one can recompile the new kernel and reboot
with the new kernel. I think the point is the secure level. Once the
secure level is promoted, sysctl is disabled so that nobody can change
the program list, of course except rebooting.
Jiangyi
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
