Re: [PATCH] remove sys_security

From: David S. Miller (davem@redhat.com)
Date: Thu Oct 17 2002 - 17:51:57 EST


   From: Andreas Steinmetz <ast@domdv.de>
   Date: Fri, 18 Oct 2002 00:51:29 +0200

   For the next few years 99% of the linux users won't use GBit ethernet,
   so why don't you remove these drivers from the kernel?
   
The vast majority of desktop computers today ship with gigabit
ethernet interfaces on the motherboard.

So you are wrong, people use it today.

As per the rest of your email, most of my disagreement has to do
with the fact that the implementation isn't optimal. Going back
to USB, it's optimal because it falls into one of two possible
categories:

1) If I don't use it, and it's built as a module, it takes up
   no resources on my computer.

2) The facilities added to support feature X also helps make
   things like Y and Z possible.

Things like #2 are the things Al Viro is talking about.

So instead of "security_ops()->this, security_ops()->that" being
sprinkled merrily all over the VFS, we have something useful to things
outside of LSM such as full file */fd attributes.

Frankly, as a side effect of no effort being put into #2, the LSM user
level interface is complete shit. As is the hook mechanism.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:37 EST