Re: Proposal: Disable autoload of compat_xyz modules

To: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Subject: Re: Proposal: Disable autoload of compat_xyz modules
From: maya%netbsd.org@localhost
Date: Thu, 3 Aug 2017 11:35:43 +0000

On Thu, Aug 03, 2017 at 01:23:17AM +0200, Emmanuel Dreyfus wrote:
> Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost> wrote:
> 
> Once every compatibility module would not loaded by default, pehaps the
> compat_xxx module could be loaded automatically if /emul/xxx/ exists?
> 
> The presence of that hierarchy means the system administrator really
> meant to use compat_xxx, and it would avoid breaking existing system at
> upgrade time.

Sounds good.

By the way, isn't that what happens in practice anyway? the only way to
reach the COMPAT_OTHEROS code is to first exec a binary, which looks for
an interpreter in /emul/otheros. If one doesn't exist, exec will fail.

I would feel more assured if COMPAT_SVR4 didn't exist in my kernels, but
I suspect the vulnerability doesn't affect me.

Follow-Ups:
- Re: Proposal: Disable autoload of compat_xyz modules
  - From: John Nemeth
- Re: Proposal: Disable autoload of compat_xyz modules
  - From: Emmanuel Dreyfus
- Re: Proposal: Disable autoload of compat_xyz modules
  - From: Joerg Sonnenberger

References:
- Proposal: Disable autoload of compat_xyz modules
  - From: Taylor R Campbell
- Re: Proposal: Disable autoload of compat_xyz modules
  - From: Emmanuel Dreyfus

Prev by Date: Re: Proposal: Disable autoload of compat_xyz modules
Next by Date: Re: Proposal: Disable autoload of compat_xyz modules
Previous by Thread: Re: Proposal: Disable autoload of compat_xyz modules
Next by Thread: Re: Proposal: Disable autoload of compat_xyz modules
Indexes:

Home | Main Index | Thread Index | Old Index