> As long as it does not autoload; it is actually better to be not > compiled in all the time from a security POV.
Well, from a security POV, loading _anything_ into the kernel at run-time, auto- or not, is a disaster waiting to happen. It's why I disable LKM and MODULAR (as applicable to the version in question) for all my kernels. I'm even slightly uncomfortable with BPF, though I trust the verifier enough, and find the facility useful enough, that I do keep that enabled. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
