[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4883E465.4050405@trash.net>
Date: Mon, 21 Jul 2008 03:20:37 +0200
From: Patrick McHardy <kaber@...sh.net>
To: David Miller <davem@...emloft.net>
CC: torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
jmorris@...ei.org
Subject: Re: [GIT]: Networking
David Miller wrote:
> From: Linus Torvalds <torvalds@...ux-foundation.org>
> Date: Sun, 20 Jul 2008 17:54:04 -0700 (PDT)
>
>
>> Grr. And I quote:
>>
>> Security table (IP_NF_SECURITY) [Y/n/?] (NEW) ?
>>
>> This option adds a `security' table to iptables, for use
>> with Mandatory Access Control (MAC) policy.
>>
>> If unsure, say N.
>>
>> why the heck does this new config option apparently default to 'Y'? It's a
>> new option, so no old users can need it, and the docs even say you should
>> say 'N' unless you know what you're doing.
>>
>> (Same issue with the IPv6 version).
>>
>> Don't do this.
>>
>
> James/Patrick please fix this.
>
This is only the NETFILTER_ADVANCED=n default (for SECURITY=y).
The netfilter defaults for NETFILTER_ADVANCED=n should be m/y for
things that are needed by mainstream distributions for normal
usage.
I'm not sure how this is going to be used, James?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists