| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Aug 2008 23:14:36 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: "Andi Kleen" <andi@...stfloor.org> Cc: torvalds@...l.org, linux-kernel@...r.kernel.org, Andi Kleen <ak@...ux.intel.com> Subject: Re: [PATCH] Move sysctl check into debugging section and don't make it default y "Andi Kleen" <andi@...stfloor.org> writes: > From: Andi Kleen <ak@...ux.intel.com> > > I noticed that sysctl_check.o was the largest object file in > a allnoconfig build in kernel/*. > > 36243 0 0 36243 8d93 kernel/sysctl_check.o > > This is because it was default y and && EMBEDDED. But I don't > really see a need for a non kernel developer to have their > sysctls checked all the time. What is a feature change like this doing coming in after the merge window? Why doesn't an allnoconfig disable sysctl all together? > So move the Kconfig into the kernel debugging section and > also drop the default y and the EMBEDDED check. Which is an idiotic thing to do. These are the only checks we have against someone doing something nasty in the sysctl hierarchy. We have proven that we don't have the discipline to do the right thing with code in the core kernel. I expect out of tree code will be much worse. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists