Starting X11 with kernel secure level greater than -1/0.

[ian ivy]

Thanks Jason. Of course opening (or doing whatever with) mem, kmem etc.
is a security flaw. A fatal flaw. I thought that OpenBSD team has done nice
work to achieve a compromise between security and the use of X and
it could be done with FreeBSD.

I already have implemented some of MAC's policies (e.g. mac_seeotheruids),
and a couple of sysctl's options, but for now, it is implemented for
various testing.
I have to read a lot more on these topics. :-)

Kernel without BPF? OK! But not for now - I need to have DHCP upon startup
for some time yet.! :-)

Best regards!