lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 26 Oct 2010 10:07:27 -0400
From:	"John Stoffel" <john@...ffel.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	"J.H." <warthog9@...nel.org>, John Stoffel <john@...ffel.org>,
	Eric Paris <eparis@...hat.com>, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, hch@...radead.org, zohar@...ibm.com,
	david@...morbit.com, jmorris@...ei.org, kyle@...artin.ca,
	hpa@...or.com, akpm@...ux-foundation.org, mingo@...e.hu,
	viro@...iv.linux.org.uk
Subject: Re: [PATCH 01/11] IMA: use rbtree instead of radix tree for inode
 information cache

>>>>> "Linus" == Linus Torvalds <torvalds@...ux-foundation.org> writes:

Linus> On Mon, Oct 25, 2010 at 12:38 PM, J.H. <warthog9@...nel.org> wrote:
>> 
>> I'll second both points.  If IMA is disabled, but compiled in, it *HAS*
>> to consume 0 resources.

Linus> I disagree. First off, this isn't actually true. Look at things
Linus> like quota support: it eats more memory in the inode than IMA
Linus> does after this patch-series (two pointers), and most people
Linus> don't use that either. So the "it must use zero extra memory"
Linus> is bogus - it's a balance between simplicity of the code and
Linus> memory use.

Quotas are useful in a much more general sense for managing a limited
resource (disk space) and for a larger audience as well.  And hey,
let's target quotas next!  *grin*

Linus> Secondly, right now we're in the situation that IMA just
Linus> sucks. Sucks with all capital letters, in fact. This
Linus> patch-series may not be perfect, but it's _so_ much better than
Linus> the current situation that I don't really see why people are so
Linus> adamantly negative about it.

I'm negative about it because I forsee very limited applicability to
normal day to day use of Linux in my work.  Quotas I use every day.  

Linus> Please do feel free to be constructive about it, and I'm sure
Linus> there are ways to improve even more, but right now
Linus> "constructive" is not what the objections seem to be.

Sorry, will certainly try to be more positive about my objections to
this system.  

Mostly I'd really like to just see:

       - documentation
       - Kconfig updated to default to N.

John
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ