Re: kernel stack challenge

From: Timothy Miller
Date: Mon Apr 05 2004 - 16:14:04 EST

Next message: Pavel Machek: "Right url for linux-on-laptops"
Previous message: Sergiy Lozovsky: "Re: kernel stack challenge"
In reply to: Sergiy Lozovsky: "Re: kernel stack challenge"
Next in thread: Stephen Smoogen: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sergiy Lozovsky wrote:

All LISP errors are incapsulated within LISP VM.

A LISP VM is a big, giant, bloated.... *CHOKE* *COUGH* *SPUTTER* *SUFFOCATE* ... thing which SHOULD NEVER be in the kernel.

If you want to use a more abstract language for describing kernel security policies, fine. Just don't use LISP.

The right way to do it is this:

- A user space interpreter reads text-based config files and converts them into a compact, easy-to-interpret code used by the kernel.

- A VERY TINY kernel component is fed the security policy and executes it.

Move as much of the processing as reasonable into user space. It's absolutely unnecessary to have the parser into the kernel, because parsing of the config files is done only when the ASCII text version changes.

It's absolutely unnecessary to have something as complex as LISP to interpret it, when something simple and compact could do just as well.

Why do you choose LISP? Don't you want to use a language that sysadmins will actually KNOW?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Right url for linux-on-laptops"
Previous message: Sergiy Lozovsky: "Re: kernel stack challenge"
In reply to: Sergiy Lozovsky: "Re: kernel stack challenge"
Next in thread: Stephen Smoogen: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]