Re: [-mm patch] seccomp: don't say it was more or less mandatory

From: Adrian Bunk
Date: Fri Feb 25 2005 - 16:17:08 EST

Next message: linux-os: "M$ gets into autos!"
Previous message: Chad N. Tindel: "Re: Xterm Hangs - Possible scheduler defect?"
In reply to: Andrea Arcangeli: "Re: [-mm patch] seccomp: don't say it was more or less mandatory"
Next in thread: Andrea Arcangeli: "Re: [-mm patch] seccomp: don't say it was more or less mandatory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 24, 2005 at 11:41:34PM +0100, Andrea Arcangeli wrote:

> Hello Adrian,

Hi Andrea,

> On Thu, Feb 24, 2005 at 10:51:36PM +0100, Adrian Bunk wrote:
> > seccomp might be a nice feature under some circumstances.
> > But the suggestion in the help text is IMHO too strong and therefore
> > removed by this patch.
>
> Why too strong? The reason there is a config option is for the embedded
> space, where clearly they want to compile into the kernel only the
> strict features they use.
>
> There are no risks in enabling seccomp and the size of the kernel image
> won't change in any significant way either.
>
> So I'd prefer to keep the "If unsure, say Y." and it seems appropriate
> to me.
>
> You have to say Y, if later on you want to sell your CPU resources with
> Cpushare. BTW, you can already test it if you download version 0.8 of
> the LGPL'd Cpushare software, it'll connect to the server and it'll
> execute a remote seccomp computation and then it'll hang around until
> you stop it with ./stop_cpushare.sh (and you will see your client
> connected in the homepage stats). I didn't finish writing all the code
> yet but it's already a decent demo for the seccomp part at least.
>...

this sounds more like an "If unsure, say N.":
You don't need this feature unless you know you need it.

It's not about risk or the actual size of the code - there are many
small or big features in the kernel that might be useful under some
circumstances, but even the IPv6 help text still suggests to say N
to IPv6.

cu
Adrian

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: linux-os: "M$ gets into autos!"
Previous message: Chad N. Tindel: "Re: Xterm Hangs - Possible scheduler defect?"
In reply to: Andrea Arcangeli: "Re: [-mm patch] seccomp: don't say it was more or less mandatory"
Next in thread: Andrea Arcangeli: "Re: [-mm patch] seccomp: don't say it was more or less mandatory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]