Re: ima: use of radix tree cache indexing == massive waste of memory?

[Christoph Hellwig]

On Sun, Oct 17, 2010 at 07:40:08AM +0200, Ingo Molnar wrote:
> This security feature was merged upstream last year, it's not in 
> drivers/staging/ and the Kconfig help text does not contain any warning 
> that this is 'crap', so how were the Fedora people supposed to know?

By looking at what they turn on?  What happened to the good old idea
of actually auditing what you turn on?  It might be a bit too much
for every little driver, aven if that was helpful, but for security/
code with intricate hooks all over the kernel I think it is in order.

Especially as our merge requirements for security/ are a lot lower than
for the rest of the kernel given that James is very afraid of getting
whacked by Linux for not mering things.

> Fact is that Kyle did Linux a _favor_ by enabling the feature in Fedora, 
> as it allowed the bug/inefficiency/crap to be found by Dave. Linux got 
> richer as a result as we learned about a bug that affects many people. 
> Your gratuitous insults against him are highly misguided.

I think you need to tune down your insult filter a bit :)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/