K 10
svn:author
V 7
rwatson
K 8
svn:date
V 27
2001-11-02T16:41:06.000000Z
K 7
svn:log
V 527
o Add a comment to p_candebug() noting that the P_INEXEC check should
  really be moved elsewhere: p_candebug() encapsulates the security
  policy decision, whereas the P_INEXEC check has to do with "correctness"
  regarding race conditions, rather than security policy.

  Example: even if no security protections were enforced (the "uids are
  advisory" model), removing P_INEXEC could result in incorrect operation
  due to races on credential evaluation and modification during execve().

Obtained from:	TrustedBSD Project

END