[OpenAFS] OpenAFS & Linux kernel 2.6: please have a trackable bug report / task ?

Lester Barrows barrows@email.arc.nasa.gov
Wed, 18 Feb 2004 16:32:24 -0800


> Not really. The requirement is "users don't need to build kernels". If
> vendors ship kernels with this, fine. If they turn it off, the problem is
> still 0% solved.

That's true, but I'd have to believe that a vendor such as Redhat will include 
the option to secure their distribution to the best of their ability. This 
would be particularly true with an enterprise OS vendor as their customers 
will demand it. At the very least they are likely to include a "secure" 
kernel alongside their standard builds, much as they do with e.g. bigmem 
kernels. I believe there have been people from RH following this list, is 
anyone around who could confirm/deny this?

Beyond that, it seems that it would be easier to request a distribution which 
didn't already include it to add a secure kernel, built with slightly 
different options, rather than asking them to apply a patch which isn't part 
of the base kernel. If making OpenAFS can be made to work at great effort 
without touching the security module that's good, but if the wheel already 
exists, is simpler to implement for and technically sound as well it seems a 
waste not to use it.

Regards,

Lester Barrows
Asani Solutions, LLC
Code IC Systems Group
NASA Ames Research Center

"Jura rapelcgvba vf bhgynjrq, bayl bhgynjf jvyy unir cevinpl."