Subject: Re: kauth, securelevel, and "run levels"
To: None <tls@rek.tjls.com>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 03/26/2006 00:06:17

Thor Lancelot Simon wrote:
> I think we're talking past each other, somehow. I don't understand
> what you want to know (that I didn't already describe), which is almost
> certainly my own fault. Could you elucidate?

Sure -- I simply want you to tell me, for example, what set of
operations would be allowed in run-level 1, but not in run-level 2,
and so on. I think your other reply suggests that you'll do that. :)

> 1) The mask for level N can only be loaded into the kernel at level < N

Can you elaborate a bit on what you mean by loading a mask? How would
that work? Is there any existing implementation that does the same?

> 3) On transition to level N, the kernel automatically applies the "level
> N" mask to all operations.

What "operations" are you referring to? I thought that on a transition
to level N, the transition itself is enough to ensure further kauth(9)
calls on the scope(s) will be affected by the change.

-e.

--
Elad Efrat