--- ./kernel/sysctl.c.mps Wed Nov 5 23:41:29 2003
+++ ./kernel/sysctl.c Wed Nov 5 23:44:37 2003
@@ -300,7 +300,7 @@
 GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT, GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID, GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC, GS_DMSG, GS_RANDRPC,
-GS_FINDTASK, GS_LOCK};
+GS_FINDTASK, GS_IO, GS_LOCK};
 static ctl_table grsecurity_table[] = { {GS_ACL,"acl", NULL, sizeof(int), 0600, NULL, &gr_proc_handler},
@@ -466,6 +466,10 @@
 {GS_FINDTASK, "chroot_findtask", &grsec_enable_chroot_findtask, sizeof (int), 0600, NULL, &proc_dointvec},
 #endif
+#ifdef CONFIG_GRKERNSEC_IO
+ {GS_IO, "secure_io", &grsec_enable_secure_io,
+ sizeof (int), 0600, NULL, &proc_dointvec},
+#endif
 {GS_LOCK, "grsec_lock", &grsec_lock, sizeof (int), 0600, NULL, &proc_dointvec},
 #endif
--- ./include/linux/grinternal.h.mps Thu Nov 6 00:10:09 2003
+++ ./include/linux/grinternal.h Thu Nov 6 00:10:42 2003
@@ -64,6 +64,7 @@
 extern int grsec_enable_audit_ipc; extern int grsec_enable_mount; extern int grsec_enable_chdir;
+extern int grsec_enable_secure_io;
 extern int grsec_lock; extern struct task_struct *child_reaper;
--- ./grsecurity/grsec_init.c.mps Wed Nov 5 23:48:04 2003
+++ ./grsecurity/grsec_init.c Wed Nov 5 23:50:44 2003
@@ -46,6 +46,7 @@
 int grsec_socket_client_gid; int grsec_enable_socket_server; int grsec_socket_server_gid;
+int grsec_enable_secure_io;
 int grsec_lock; spinlock_t grsec_alert_lock = SPIN_LOCK_UNLOCKED;
@@ -198,6 +199,9 @@
 grsec_enable_socket_server = 1; grsec_socket_server_gid = CONFIG_GRKERNSEC_SOCKET_SERVER_GID;
 #endif
+#ifdef CONFIG_GRKERNSEC_IO
+ grsec_enable_secure_io = 1;
+#endif
 #endif
 return;
--- ./grsecurity/grsec_mem.c.mps Wed Nov 5 23:56:59 2003
+++ ./grsecurity/grsec_mem.c Thu Nov 6 00:18:21 2003
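Review bot: In the first kernel/sysctl.c hunk, placing `GS_IO` ahead of `GS_LOCK` moves `GS_LOCK` to the next enum value, so anything that addresses the lock entry by its numeric ctl_name rather than by name would now reach `secure_io` and leave the lock unset. Appending keeps the existing numbers stable: `GS_FINDTASK, GS_LOCK, GS_IO};`. The enum opens outside the hunk, so whether these values are treated as a stable interface cannot be confirmed from here.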
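Review bot: The `secure_io` entry added to `grsecurity_table` in the second kernel/sysctl.c hunk is a plain 0600 `proc_dointvec` integer, so any process allowed to write it can switch the setting off again at run time. Nothing in this hunk shows what prevents that once the system is up; the adjacent `grsec_lock` entry looks like the intended mechanism, but its enforcement is outside the diff. A short comment above the entry, for example `/* run-time switch; stays writable until grsec_lock takes effect (confirm) */`, would make the dependency explicit. The table's opening and the outer conditional that the last `#endif` closes are outside the hunk.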
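Review bot: In the second grsecurity/grsec_init.c hunk, the default `grsec_enable_secure_io = 1;` sits inside an outer conditional that closes at the following `#endif`, while the variable is defined without an initialiser, so builds that compile that outer block out start with the switch at 0. Together with the new checks in grsec_mem.c, the ioperm/iopl alerts would then stay off from boot until something writes the sysctl. If that is intended, record it at the definition, e.g. `int grsec_enable_secure_io; /* 0 until set at init or via sysctl */`. The opening of the outer conditional is outside the hunk.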
@@ -6,14 +6,16 @@
 void gr_handle_ioperm(void) {
- security_alert(GR_IOPERM_MSG, DEFAULTSECARGS);
+ if (grsec_enable_secure_io)
+ security_alert(GR_IOPERM_MSG, DEFAULTSECARGS);
 return; } void gr_handle_iopl(void) {
- security_alert(GR_IOPL_MSG, DEFAULTSECARGS);
+ if (grsec_enable_secure_io)
+ security_alert(GR_IOPL_MSG, DEFAULTSECARGS);
 return; }
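Review bot: The new `grsec_enable_secure_io` test in `gr_handle_ioperm()` and `gr_handle_iopl()` guards only the `security_alert()` call, and both functions return void, so their callers, which this patch does not touch, cannot learn whether the switch is on. If those call sites refuse the request unconditionally, writing 0 to `secure_io` leaves ioperm/iopl denied but drops the log record; if they do not refuse it, the switch never governed enforcement in the first place. Consider returning a verdict instead, with `if (!grsec_enable_secure_io) return 0;` ahead of the alert and `return 1;` after it, and have the call sites deny only on a non-zero result. Either way, a comment on each handler should state whether the sysctl controls logging, enforcement, or both.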