Re: kernel module loading vs securelevel

To: Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost>
Subject: Re: kernel module loading vs securelevel
From: David Holland <dholland-tech%netbsd.org@localhost>
Date: Sat, 16 Oct 2010 18:56:11 +0000

On Sun, Oct 17, 2010 at 03:38:42AM +0900, Izumi Tsutsui wrote:
 > >  > Heh, then why have we had it on i386 for years?
 > > 
 > > Because of the X server.
 > 
 > You are just saying:
 > "We introduced a significant security regression just for our own
 > convenience."

Perhaps...

 > I see no proper reason to avoid INSECURE for MODULAR if it's okay for X.

...and I'm not convinced of this, primarily because (from a practical
point of view) X is unavoidable and unfixable, whereas modules are
neither.

This gets back to the underlying question of what purpose modules are
supposed to serve, and as I know everyone knows what I think and is
sick and tired of hearing about it, I'll pipe down.

-- 
David A. Holland
dholland%netbsd.org@localhost

Follow-Ups:
- re: kernel module loading vs securelevel
  - From: matthew green
- Re: kernel module loading vs securelevel
  - From: Izumi Tsutsui

References:
- Re: kernel module loading vs securelevel
  - From: David Holland
- Re: kernel module loading vs securelevel
  - From: Izumi Tsutsui

Prev by Date: Re: kernel module loading vs securelevel
Next by Date: Re: kernel module loading vs securelevel
Previous by Thread: Re: kernel module loading vs securelevel
Next by Thread: Re: kernel module loading vs securelevel
Indexes:

Home | Main Index | Thread Index | Old Index