Re: [RFC][PATCH} 2.6 and grsecurity

From: Valdis . Kletnieks
Date: Tue Feb 17 2004 - 09:55:38 EST

Next message: Linus Torvalds: "Re: UTF-8 and case-insensitivity"
Previous message: Richard B. Johnson: "Re: hard lock using combination of devices"
In reply to: Martin Waitz: "Re: [RFC][PATCH} 2.6 and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 17 Feb 2004 15:23:33 +0100, Martin Waitz said:

> you could #define security_enable_* to 0 when CONFIG_SECURITY_*
> is disabled. thay way you don't need the ugly #ifdef in the .c file

Good point - as I mentioned to another person, I was trying to minimize the
code changes if the feature wasn't selected.

> on the other hand, why do one need a syscall anyway.
> only to justify the existence of some ugly lockdown mode?

For testing and backout - if for some odd reason you discover that it breaks
code, an 'echo 0 >' is a lot less disruptive than a full reboot.

The other reason is for distribution - if you're building a kernel for a bunch
of users, some of who disagree with it, you can ship it as the code is, and
then those who don't like one or two features can 'echo 0 >' onto those sysctls
and then 'echo 0 >' onto the one to force them read-only. Again, less hassle
than rebuilding a kernel with one CONFIG_SECURITY_WHATEVER turned off (and then
remember to re-rebuild on those machines each time a new kernel gets rolled out
- you can just leave the sysctl's in your /etc/rc.* and be happy).

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Linus Torvalds: "Re: UTF-8 and case-insensitivity"
Previous message: Richard B. Johnson: "Re: hard lock using combination of devices"
In reply to: Martin Waitz: "Re: [RFC][PATCH} 2.6 and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]