Mitch Bradley wrote: > From a security standpoint, there is an advantage to building in > everything. The main kernel is verified with a crypto signature before > it is executed. Loading a module without first verifying a > similarly-strong signature weakens the security. > > Modules are a good idea for kernels that are intended to run on a wide > variety of hardware. I am in favor of treating XO like an appliance and > making the kernel as monolithic as possible.
I'm not familiar with the security stuff in general or this case in particular. But I think the "trend" in the Linux community has been towards more flexibility, moving stuff from kernel space to user space, etc. Then again, since the *hardware* is soldered onto the mainboard and can't be easily expanded, why shouldn't the *kernel* be just as inflexible? ;) _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel