On Mon, 16 Jun 2008 19:10:17 +0100
"Rui Paulo" <rpauloFreeBSD.org> mentioned:

> There's no security issue here.
> If the system administrator is concerned about
"security" of cpuctl,
> he/she just has to compile-out cpuctl or remove the
module from the
> file system.
> 

Well, in this case it would be possible to load that again.
Setting
a non-zero securelevel or implementing a specific MAC policy
might
be a more correct solution. cpuctl(4) won't allow any MSR
operations
if securelevel is above zero.

-- 
Stanislav Sedov
ST4096-RIPE