tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel

On Sun, Oct 17, 2010 at 03:03:58AM +0900, Izumi Tsutsui wrote:
> > > If we should I'll enable options INSECURE by default on ports
> > > that require options MODULAR (to save kernel file size).
> > 
> > Do not do that.  You will introduce a significant security regression
> > just for your own convenience.
> Heh, then why have we had it on i386 for years?

So what you're trying to suggest is that if one port, for historical
reasons, ships with an insecure setting in the default kernel, that's
an explanation of why *every* port should?

I think there's something wrong with your logic.


Home | Main Index | Thread Index | Old Index