Re: [-mm patch] seccomp: don't say it was more or less mandatory

[Andrea Arcangeli]

Hello Adrian,

On Thu, Feb 24, 2005 at 10:51:36PM +0100, Adrian Bunk wrote:
> seccomp might be a nice feature under some circumstances.
> But the suggestion in the help text is IMHO too strong and therefore 
> removed by this patch.

Why too strong? The reason there is a config option is for the embedded
space, where clearly they want to compile into the kernel only the
strict features they use.

There are no risks in enabling seccomp and the size of the kernel image
won't change in any significant way either.

So I'd prefer to keep the "If unsure, say Y." and it seems appropriate
to me.

You have to say Y, if later on you want to sell your CPU resources with
Cpushare.  BTW, you can already test it if you download version 0.8 of
the LGPL'd Cpushare software, it'll connect to the server and it'll
execute a remote seccomp computation and then it'll hang around until
you stop it with ./stop_cpushare.sh (and you will see your client
connected in the homepage stats). I didn't finish writing all the code
yet but it's already a decent demo for the seccomp part at least.

Anyway the help text is a minor detail after all. Thanks to everyone who
helped and provided feedback about the seccomp patch, especially to
Andrew. I'm very glad to see it in -mm right now!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/