co...@sdf.org writes:
> On Wed, Dec 28, 2016 at 12:05:58AM +, Roy Marples wrote:
> > Can you please explain how the security model was broken?
> >
>
> intention with securelevel is to do less things kernel-side
> if it is raised (which, I hope, reduces our attack surface).
>
> I don't think it's worth adding this complexity for better
> npfctl warnings (it's just a warning and doesn't change its
> behaviour).
>
> If you want, I can modify npfctl not to warn for the EPERM
> case. I'm not sure whether that is better.
change npfctl to check if the module is builtin or already
loaded?
if (modctl(MODCTL_EXISTS, 0) != -1 || errno != EPERM) {
modctl_load_t m;
// setup m
if (modctl(MODCTL_LOAD, ) == -1) {
// complain here only
}
}
.mrg.