lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120718070458.GA10357@gmail.com>
Date:	Wed, 18 Jul 2012 09:04:58 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	david@...g.hm
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Borislav Petkov <bp@...64.org>,
	Cyrill Gorcunov <gorcunov@...nvz.org>,
	Pekka Enberg <penberg@...nel.org>,
	richard -rw- weinberger <richard.weinberger@...il.com>,
	"Myklebust, Trond" <Trond.Myklebust@...app.com>,
	Dave Jones <davej@...hat.com>,
	Greg Kroah-Hartman <greg@...ah.com>,
	Ubuntu Kernel Team <kernel-team@...ts.ubuntu.com>,
	Debian Kernel Team <debian-kernel@...ts.debian.org>,
	OpenSUSE Kernel Team <opensuse-kernel@...nsuse.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Ingo Molnar <mingo@...e.hu>,
	Sasha Levin <levinsasha928@...il.com>,
	Asias He <asias.hejun@...il.com>,
	Pavel Emelyanov <xemul@...allels.com>
Subject: Re: [opensuse-kernel] Re: [RFC] Simplifying kernel configuration for
 distro issues


* david@...g.hm <david@...g.hm> wrote:

> > Anybody who says "I want to run Fedora without SELINUX 
> > because I do my own security development" is by *definition* 
> > not relevant to the whole feature.
> 
> Don't mistake the example for the feature. the SELINUX thing 
> is just an example. As Alan Cox commented, taking a distro 
> config and disabling one thing is a common troubleshooting 
> request from kernel developers.

It's still irrelevant:

 - if a user chooses a distro config it means that he is using 
   that distro. Disabling an essential component of the distro 
   config, even if a kernel developer asks for it, will likely 
   break that distro and is thus a dumb thing to do. (the
   typical user will also be unlikely to be *able* to edit a 
   .config and make sure it works.)

 - Furthermore, there's *already* over ten thousand select's in 
   our Kconfig's, and it's already hard at times to disable 
   dependent options.

 - I've been using what Linus suggested for many years via 
   private patches to do bootable randconfig testing and the 
   concept works just fine - enabling a distro specific 
   minconfig is absolutely useful, I'm glad it's being pursued 
   upstream as well...

So what you are arguing about is IMO irrelevant, it is 
immaterial to the problem at hand and the concept works just 
fine in practice.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ