2.7 thoughts

From: Frederick, Fabian
Date: Thu Oct 09 2003 - 03:09:19 EST

Next message: Benjamin Herrenschmidt: "Re: [RFC] disable_irq()/enable_irq() semantics and ide-probe.c"
Previous message: Russell King: "Re: [RFC] disable_irq()/enable_irq() semantics and ide-probe.c"
Next in thread: John Bradford: "Re: 2.7 thoughts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Some thoughts for 2.7.Someone has other ideas, comments ?

* slab allocation limit
* complete user quota centralization
* Add _responsibilities_ for virtual process tree and possible
relation in oops cases
* Does the whole proc vm stuff root/box relevant ?I don't think
so....Hence, those proc entries deserve security relevant attributes
* Devices should be limited as well against bad usage(floppy defect),
viral activity(netcard rush)...
* All this guides me to a more global conclusion in which all that
stuff should be kobject registration relevant
* Meanwhile, we don't have a kobject <-> security bridge :(

Regards,
Fabian
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Benjamin Herrenschmidt: "Re: [RFC] disable_irq()/enable_irq() semantics and ide-probe.c"
Previous message: Russell King: "Re: [RFC] disable_irq()/enable_irq() semantics and ide-probe.c"
Next in thread: John Bradford: "Re: 2.7 thoughts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]