David S. Miller wrote:
> The more I look at LSM the more and more I dislike it, it sticks it's
> fingers everywhere. Who is going to use this stuff? %99.999 of users
> will never load a security module, and the distribution makers are
> going to enable this NOP overhead for _everyone_ just so a few telcos
> or government installations can get their LSM bits?
>
I'm going to ignore the overhead stated above here. And please take the
following as a comment/personal opinion you may as well ignore. But I'm
somewhat irritated, so:
<sarcasm>
So users are dumb in general, why not apply the "Single user linux"
patch? If you don't remember: http://www.surriel.com/potm/apr2001.shtml
</sarcasm>
Honestly, if you don't offer a patchless option to tighter security you
can't estimate usage.
Given that LSM becomes a standard part of the kernel it would be easy
for distros to offer "trusted" installations based on LSM. And in this
case advanced security will spread.
> This doesn't make any sense to me, including LSM appears to be quite
> against one of the basic maxims of Linux kernel ideology if you ask me
> :-) (said maxim is: If %99 of users won't use it, they better not
> even notice it is there or be affected by it in any way)
For the next few years 99% of the linux users won't use GBit ethernet,
so why don't you remove these drivers from the kernel?
If things should be only added to the kernel if there's already
sufficient users my opinion is that development would come to a grinding
halt.
-- Andreas Steinmetz- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:37 EST