Port-xen archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Xen3 update



On Tue, Mar 07, 2006 at 07:58:47PM -0500, Jed Davis wrote:
> Thor Lancelot Simon <tls%rek.tjls.com@localhost> writes:
> 
> > Any code that doesn't work on a kernel without INSECURE won't work on
> > most people's i386 servers.  There is not much code like that out there,
> > and what there is almost all uses memory or i/o access to whack devices
> > directly, which you can't do with a XENU kernel anyway.
> 
> Despite that I dislike having INSECURE in any default config:
> What about a XENU that's been given access to physical devices?

That is not the case in the "XENU" kernel configuration that we ship,
now is it?

It's absurd that the XENU kernel configuration participates in a notorious,
and optional, security hole that the i386 GENERIC configuration has only
so that it can run X, when that kernel configuration (the XENU we ship)
clearly cannot run X.  The rest of it is, from my point of view, just
excuses.

-- 
  Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart



Home | Main Index | Thread Index | Old Index