Re: RFC: Network privilege separation.

From: Rémi Denis-Courmont
Date: Mon Jan 12 2009 - 15:47:44 EST

Next message: Andrew Morton: "Re: - lis3lv02d-separate-the-core-from-hp-acpi-api.patch removedfrom -mm tree"
Previous message: Mike Galbraith: "[patch take 2] Re: [BUG] How to get real-time priority using idlepriority"
In reply to: Andi Kleen: "Re: RFC: Network privilege separation."
Next in thread: Andi Kleen: "Re: RFC: Network privilege separation."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le lundi 12 janvier 2009 22:55:47 Andi Kleen, vous avez écrit :
> Fair point, although I'm afraid you didn't do a very good
> job explaining your reasons, so it sounds like a
> quite arbitary decision.

Fair enough. It's just way too much interface/adaptation work compared to the
benefit. Especially considering that it would be much easier, and almost as
secure, with a "relaxed" SECCOMP. And on top of that, it's causing
unnecessary overhead (we're also interested in those small Linux-based
handsets that aren't as fast and power-hungry as desktop PCs).

--
Rémi Denis-Courmont
http://www.remlab.net/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: - lis3lv02d-separate-the-core-from-hp-acpi-api.patch removedfrom -mm tree"
Previous message: Mike Galbraith: "[patch take 2] Re: [BUG] How to get real-time priority using idlepriority"
In reply to: Andi Kleen: "Re: RFC: Network privilege separation."
Next in thread: Andi Kleen: "Re: RFC: Network privilege separation."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]