GL> Hmmm. But kernel contains features marked 'experimental'.
`Experimental', not meaningless.
GL> Like experimental things, secure Linux patch can go into kernel with some
GL> remark like experimantal. (in this case: "big warning, ...").
It's not experimental. Experimental == Linus thinks that feature is cool but
it's not yet debugged enough to be used in production environment. And it's
NOT a case.
GL> Pre-XFree 4.0 servers seem to segfault with this patch. Anyone who has got
GL> similar sympthoms ?
GL> BTW, restricted proc fs should go into kernel tree (do not care in this case
GL> if unexecutable stack goes in or not), because it's the minimum to have
GL> an ability to hide my processes from others. It's VERY simple and trivial
GL> patch, only alters file access permissions in /proc.
Once again: you should convinience Linus that it's good thing to do :-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/