lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 Sep 2006 02:23:27 +0200
From:	Olivier Galibert <galibert@...ox.com>
To:	linux-kernel@...r.kernel.org
Subject: Re: + allow-proc-configgz-to-be-built-as-a-module.patch added to -mm tree

On Fri, Sep 15, 2006 at 04:41:35PM -0700, Andrew Morton wrote:
> I'd want to be hearing from distro people on that - I'd expect that the
> .config which is used to build configs.ko would not differ from that which
> is used to build vmlinux.

What's the point though?  If you can find configs.ko, you can have
install_modules copy config.gz there, no?  And you also have it in
/boot/config-`uname -r`.  /proc/config.gz has a trust value only
because it is linked into the image.  Having it as a module gives the
exact save level of trustyness that the perfectly well working
solution of copying in /boot had before.

In other terms, if you allow configs.ko, you can't trust the contents
of /proc/config.gz anymore and /proc/config.gz lost all its interest
where it comes to debugging.

  OG.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ