| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2012 11:13:13 +0200 From: Ingo Molnar <mingo@...nel.org> To: david@...g.hm Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Borislav Petkov <bp@...64.org>, Cyrill Gorcunov <gorcunov@...nvz.org>, Pekka Enberg <penberg@...nel.org>, richard -rw- weinberger <richard.weinberger@...il.com>, "Myklebust, Trond" <Trond.Myklebust@...app.com>, Dave Jones <davej@...hat.com>, Greg Kroah-Hartman <greg@...ah.com>, Ubuntu Kernel Team <kernel-team@...ts.ubuntu.com>, Debian Kernel Team <debian-kernel@...ts.debian.org>, OpenSUSE Kernel Team <opensuse-kernel@...nsuse.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>, Sasha Levin <levinsasha928@...il.com>, Asias He <asias.hejun@...il.com>, Pavel Emelyanov <xemul@...allels.com> Subject: Re: [opensuse-kernel] Re: [RFC] Simplifying kernel configuration for distro issues * david@...g.hm <david@...g.hm> wrote: > On Wed, 18 Jul 2012, Ingo Molnar wrote: > > >* david@...g.hm <david@...g.hm> wrote: > > > >>>Anybody who says "I want to run Fedora without SELINUX > >>>because I do my own security development" is by *definition* > >>>not relevant to the whole feature. > >> > >>Don't mistake the example for the feature. the SELINUX thing > >>is just an example. As Alan Cox commented, taking a distro > >>config and disabling one thing is a common troubleshooting > >>request from kernel developers. > > > >It's still irrelevant: > > > >- if a user chooses a distro config it means that he is using > > that distro. Disabling an essential component of the distro > > config, even if a kernel developer asks for it, will likely > > break that distro and is thus a dumb thing to do. (the > > typical user will also be unlikely to be *able* to edit a > > .config and make sure it works.) > > that's assuming that everything listed really is essential. See the requirements in Linus's earlier mail: -------------> The *two* requirements (and they're really the same theme) I personally think we should have for this are - I think every single "select" for these things should come with a comment about what it is about and why the distro needs it (to show there was some thought involved and not just a blind "took it from the distro config") - It should be about *minimal* settings. I'd rather have too few things and the occasional complaint about "oh, it didn't work because it missed XYZ" than have it grow to contain all the options just because somebody decided to just add random things until things worked. <------------- Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists