Re: Stacking - anyone care how to report module id's?

• Previous message: Valdis.Kletnieksat_private: "Re: Stacking - anyone care how to report module id's?"
• In reply to: Valdis.Kletnieksat_private: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: jmjonesat_private: "Re: Stacking - anyone care how to report module id's?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 26, 2002 at 01:21:12PM -0400, Valdis.Kletnieksat_private wrote:
> On Mon, 26 Aug 2002 10:03:51 PDT, Greg KH said:
> > On Mon, Aug 26, 2002 at 09:41:43AM -0700, Crispin Cowan wrote:
> 
> > > On the other hand, it is this kind of thinking that gave the Linux 
> > > kernel a scheduler that linearly scanned the process ready list, and had 
> > > to be upgraded when Linux went into the big time.
> > 
> > Ok, that's not even relevant to this argument.  When people realized
> > that the current scheduler had problems, based on larger loads, and
> > bigger boxes, they fixed it.  
> 
> Hmm... So what you're saying that since previous experience with
> algorithms that scale poorly on big iron has shown that we end up ripping
> it out and doing it over, we should do so AGAIN when faced with something
> likely to scale poorly?

Huh?  What is going to scale poorly?  The current sys_security() call?
I don't see anything in the current code tha scales badly.  All I hear
is vague statements about how some code, sometime in the future that
impmenents a sys_security() hook, might not scale well.

> Remember - it's not my laptop that's going to hit these issues, it's the
> big 16/32 CPU boxes doing tons of stuff that will hit these issues.

I know this all too well, it's my day job :)

Come on people, if there is a real problem, I'd be glad to deal with it.
And as there is no posted code showing a problem, I think this thread
should just die.

> > The policies for OWLSM are already able to be turned on and off at
> > config time.
> 
> And the next thing you know, somebody will want it on a per-process basis. ;)

And you want to call sys_security() when every sys_execev() happens?
You need to rethink your model, or use the existing hooks that are
already present for just such a need :)

thanks,

greg k-h
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Previous message: Valdis.Kletnieksat_private: "Re: Stacking - anyone care how to report module id's?"
• In reply to: Valdis.Kletnieksat_private: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: jmjonesat_private: "Re: Stacking - anyone care how to report module id's?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 26 2002 - 10:33:29 PDT