Re: Xen3 update

To: Jed Davis <jdev%panix.com@localhost>
Subject: Re: Xen3 update
From: Thor Lancelot Simon <tls%rek.tjls.com@localhost>
Date: Tue, 7 Mar 2006 23:54:26 -0500

On Tue, Mar 07, 2006 at 07:58:47PM -0500, Jed Davis wrote:
> Thor Lancelot Simon <tls%rek.tjls.com@localhost> writes:
> 
> > Any code that doesn't work on a kernel without INSECURE won't work on
> > most people's i386 servers.  There is not much code like that out there,
> > and what there is almost all uses memory or i/o access to whack devices
> > directly, which you can't do with a XENU kernel anyway.
> 
> Despite that I dislike having INSECURE in any default config:
> What about a XENU that's been given access to physical devices?

That is not the case in the "XENU" kernel configuration that we ship,
now is it?

It's absurd that the XENU kernel configuration participates in a notorious,
and optional, security hole that the i386 GENERIC configuration has only
so that it can run X, when that kernel configuration (the XENU we ship)
clearly cannot run X.  The rest of it is, from my point of view, just
excuses.

-- 
  Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart

Follow-Ups:
- Re: Xen3 update
  - From: Jed Davis

References:
- Xen3 update
  - From: Manuel Bouyer
- Re: Xen3 update
  - From: Jeff Rizzo
- Re: Xen3 update
  - From: Manuel Bouyer
- Re: Xen3 update
  - From: Thor Lancelot Simon
- Re: Xen3 update
  - From: Jed Davis

Prev by Date: Re: Xen3 update
Next by Date: Re: Xen3 update
Previous by Thread: Re: Xen3 update
Next by Thread: Re: Xen3 update
Indexes:

Home | Main Index | Thread Index | Old Index