tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel



On Sun, 17 Oct 2010 03:38:42 +0900
Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost> wrote:

> >  > > > If we should I'll enable options INSECURE by default on ports
> >  > > > that require options MODULAR (to save kernel file size).
> >  > > 
> >  > > Do not do that.  You will introduce a significant security regression
> >  > > just for your own convenience.
> >  > 
> >  > Heh, then why have we had it on i386 for years?
> > 
> > Because of the X server.
> 
> You are just saying:
> "We introduced a significant security regression just for our own 
> convenience."
> 
> I see no proper reason to avoid INSECURE for MODULAR if it's okay for X.
> ---
> Izumi Tsutsui

i dont think securelevels are really that useful

-- 
NetBSD - Simplicity is prerequisite for reliability


Home | Main Index | Thread Index | Old Index