[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kernel module loading vs securelevel
On Sun, 17 Oct 2010 03:38:42 +0900
Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost> wrote:
> > > > > If we should I'll enable options INSECURE by default on ports
> > > > > that require options MODULAR (to save kernel file size).
> > > >
> > > > Do not do that. You will introduce a significant security regression
> > > > just for your own convenience.
> > >
> > > Heh, then why have we had it on i386 for years?
> > Because of the X server.
> You are just saying:
> "We introduced a significant security regression just for our own
> I see no proper reason to avoid INSECURE for MODULAR if it's okay for X.
> Izumi Tsutsui
i dont think securelevels are really that useful
NetBSD - Simplicity is prerequisite for reliability
Main Index |
Thread Index |