Re: [Keyrings] Re: [PATCH 01/04] Add multi-precision-integer mathslibrary

From: Arjan van de Ven
Date: Sun Jan 29 2006 - 08:07:48 EST



>
> You are taking the wrong approach.
>
> The _only_ question that matters is:
> Why is it technically impossible to do the same in userspace?
>
> If it's technically possible to do the same in userspace, it must not be
> done in the kernel.


that is not a reasonable statement because...
1) you can do all of tcp/ip in userspace just fine
2) you can do the NFS server in userspace
3) ...
4) ...

there are reasons why things that can be done in userspace sometimes
still make sense to do in kernel space, performance could be one of
those reasons, being unreasonably complex in userspace is another.

Identity management to some degree belongs in the kernel, simply because
identity *enforcing* is in the kernel. Some things related to security
need to be in the kernel at least partially just to avoid a LOT of hairy
issues and never ending series of security holes due to the exceptional
complexity you get.



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/