Re: Fw: signed kernel modules?

From: David Woodhouse
Date: Fri Oct 15 2004 - 12:14:49 EST


On Fri, 2004-10-15 at 12:59 -0400, Richard B. Johnson wrote:
> We let this start when there were problems with secret video
> modules. Nobody wanted to debug a kernel that could be corrupted
> by a module where nobody could read the source-code. So if there
> isn't a MODULE_LICENSE("POLICY") then a 'tainted' mark goes
> in any OOPS report. Well, they got away with that. It was
> explained away as being "good" policy. Now they are making
> more policy.

Please quit being a fuckwit, Richard. You've escaped my killfile so far
despite being in so many other peoples, because it's often amusing to
find the deliberate mistake in your posts when they actually appear
plausible.

The above is not policy; it's a mechanism. It provides the information.
Developers _use_ that information to implement their own policy, and
refrain from helping those whose kernels are tainted.

Signing kernel modules is just the same.

--
dwmw2

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/