tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel



> > > > If we should I'll enable options INSECURE by default on ports
> > > > that require options MODULAR (to save kernel file size).
> > > 
> > > Do not do that.  You will introduce a significant security regression
> > > just for your own convenience.
> > 
> > Heh, then why have we had it on i386 for years?
> 
> So what you're trying to suggest is that if one port, for historical
> reasons, ships with an insecure setting in the default kernel, that's
> an explanation of why *every* port should?

Who said *every* port?

> > > > If we should I'll enable options INSECURE by default on ports
> > > > that require options MODULAR (to save kernel file size).

I'm just asking if "options INSECURE is mandaory to use autoloading,"
not module/autoloading is secure/silly/boo or not.

---
Izumi Tsutsui


Home | Main Index | Thread Index | Old Index