Re: kernel module loading vs securelevel

To: tech-kern%netbsd.org@localhost
Subject: Re: kernel module loading vs securelevel
From: Adam Hoka <adam.hoka%gmail.com@localhost>
Date: Sat, 16 Oct 2010 20:49:11 +0200

On Sun, 17 Oct 2010 03:38:42 +0900
Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost> wrote:

> >  > > > If we should I'll enable options INSECURE by default on ports
> >  > > > that require options MODULAR (to save kernel file size).
> >  > > 
> >  > > Do not do that.  You will introduce a significant security regression
> >  > > just for your own convenience.
> >  > 
> >  > Heh, then why have we had it on i386 for years?
> > 
> > Because of the X server.
> 
> You are just saying:
> "We introduced a significant security regression just for our own 
> convenience."
> 
> I see no proper reason to avoid INSECURE for MODULAR if it's okay for X.
> ---
> Izumi Tsutsui

i dont think securelevels are really that useful

-- 
NetBSD - Simplicity is prerequisite for reliability

References:
- Re: kernel module loading vs securelevel
  - From: David Holland
- Re: kernel module loading vs securelevel
  - From: Izumi Tsutsui

Prev by Date: Re: kernel module loading vs securelevel
Next by Date: Re: kernel module loading vs securelevel
Previous by Thread: Re: kernel module loading vs securelevel
Next by Thread: Re: kernel module loading vs securelevel
Indexes:

Home | Main Index | Thread Index | Old Index