On Fri, Sep 27, 2019 at 10:57:12AM +0200, Jaromír Doleček wrote:
> [...]
> Given the history, to me it's completely clear compat_linux shouldn't
> be on by default. Any possible linux-specific exploits should only be
> a problem for people actually explicitly enabling it. Let's just stop
> pretending that we'd set up any kind of reasonable testing suite for
> this - it has not been done in the last >20 years, it's even less likely
> to happen now that most of the major use cases are actually moot.
>
> As Maya suggested, let's keep this concentrated on COMPAT_LINUX only
> to avoid further bikeshed flogging, so basically I propose doing this:
> 1) Comment out COMPAT_LINUX from all kernel configs for all archs
> which support modular
> 2) Disable autoload for compat_linux, requiring the user to explicitly
> configure the system to load it. No extra sysctl.
>
> Any major and specific objections?

Not from me.

--
Manuel Bouyer <bou...@antioche.eu.org>
     NetBSD: 26 years of experience will always make the difference
--