lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <1225471251.12673.408.camel@nimitz> Date: Fri, 31 Oct 2008 09:40:51 -0700 From: Dave Hansen <dave@...ux.vnet.ibm.com> To: Mimi Zohar <zohar@...ux.vnet.ibm.com> Cc: linux-kernel@...r.kernel.org, James Morris <jmorris@...ei.org>, David Safford <safford@...son.ibm.com>, Serge Hallyn <serue@...ux.vnet.ibm.com>, Mimi Zohar <zohar@...ibm.com> Subject: Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM) On Mon, 2008-10-13 at 13:17 -0400, Mimi Zohar wrote: > Concern was raised on the lkml mailing list, about adding i_integrity > to the inode structure. This patch adds a comment clarifying that > i_integrity is only included in the inode if INTEGRITY is configured. Mimi, it is nice that you made this a config option. That definitely helps the embedded folks and those compiling their own kernels. But, it doesn't really help those who run distros. The distributions basically ship one kernel for everybody, and it has to have CONFIG_KITCHEN_SINK=y in order to support everyone's individual users. Although you provided a config option, in practice, this always bloats distro kernels which are the vast majority of users. Is this even useful for filesystems like proc or sysfs? Should we bloat those inodes for a feature which might not possibly apply there? -- Dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists