Re: Fw: signed kernel modules?

From: Josh Boyer
Date: Fri Oct 15 2004 - 12:53:13 EST

Next message: K.R. Foley: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U3"
Previous message: Adam Heath: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U3"
In reply to: Richard B. Johnson: "Re: Fw: signed kernel modules?"
Next in thread: Tonnerre: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2004-10-15 at 11:59, Richard B. Johnson wrote:
>
> The technical details are that "signed", "sealed", "certified",
> relate to policy. For years policy was not allowed to be included in
> the kernel. In recent times, the kernel has become filthy with
> policy.

I'd disagree. Do you consider SELinux to be policy as well just because
it's in the kernel?

As David said in his response, it's a mechanism. Whether _you_ choose
to use it or not decides the "policy". That's why I said put a config
option around it. You would still have _choice_.

> it right. What's right for you is wrong for another.

Absolutely. So why are you trying to prevent people that want to use
module signing from doing so?

josh

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: K.R. Foley: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U3"
Previous message: Adam Heath: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U3"
In reply to: Richard B. Johnson: "Re: Fw: signed kernel modules?"
Next in thread: Tonnerre: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]