I see some securelevel stuff is heading into the kernel. Can I recommend
we make securelevel a bitmap sooner rather than later? I think the
linux-privs project initiated the idea. I wrote a silly little proof of
concept patch to implement securelevel on top of linux-privs. It is
archived on ftp.kernel.org, and it might be worthwhile looking at it to
see
1) Stuff in need of protecting it might be easy to forget.
2) A suggestion of some typical bit definitions we might have.
The "securelevel > 0" is a bit coarse grained; maybe an admin might want
to make it hard to fire up a packet sniffer by disabling promisc. mode,
but not also want the anal protection of raw block devices required to
protect immutable files and the like.
Cheers
Chris