Re: kernel module loading vs securelevel

To: tls%panix.com@localhost
Subject: Re: kernel module loading vs securelevel
From: Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost>
Date: Sun, 17 Oct 2010 03:51:52 +0900

> > > > If we should I'll enable options INSECURE by default on ports
> > > > that require options MODULAR (to save kernel file size).
> > > 
> > > Do not do that.  You will introduce a significant security regression
> > > just for your own convenience.
> > 
> > Heh, then why have we had it on i386 for years?
> 
> So what you're trying to suggest is that if one port, for historical
> reasons, ships with an insecure setting in the default kernel, that's
> an explanation of why *every* port should?

Who said *every* port?

> > > > If we should I'll enable options INSECURE by default on ports
> > > > that require options MODULAR (to save kernel file size).

I'm just asking if "options INSECURE is mandaory to use autoloading,"
not module/autoloading is secure/silly/boo or not.

---
Izumi Tsutsui

Follow-Ups:
- Re: kernel module loading vs securelevel
  - From: Thor Lancelot Simon

References:
- Re: kernel module loading vs securelevel
  - From: Thor Lancelot Simon

Prev by Date: Re: kernel module loading vs securelevel
Next by Date: Re: kernel module loading vs securelevel
Previous by Thread: Re: kernel module loading vs securelevel
Next by Thread: Re: kernel module loading vs securelevel
Indexes:

Home | Main Index | Thread Index | Old Index