On Mon, Jun 16, 2008 at 10:27:40PM +0400, Stanislav Sedov wrote: > On Mon, 16 Jun 2008 19:10:17 +0100 > "Rui Paulo" <rpaulo_at_FreeBSD.org> mentioned: > > > There's no security issue here. > > If the system administrator is concerned about "security" of cpuctl, > > he/she just has to compile-out cpuctl or remove the module from the > > file system. > > > > Well, in this case it would be possible to load that again. Setting > a non-zero securelevel or implementing a specific MAC policy might > be a more correct solution. cpuctl(4) won't allow any MSR operations > if securelevel is above zero. Right, so the necessary checks are in place already. Regards, -- Rui PauloReceived on Mon Jun 16 2008 - 18:13:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:32 UTC