Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S268232AbUJORuJ (ORCPT ); Fri, 15 Oct 2004 13:50:09 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S267404AbUJORuJ (ORCPT ); Fri, 15 Oct 2004 13:50:09 -0400 Received: from e5.ny.us.ibm.com ([32.97.182.105]:24760 "EHLO e5.ny.us.ibm.com") by vger.kernel.org with ESMTP id S268232AbUJORrU (ORCPT ); Fri, 15 Oct 2004 13:47:20 -0400 Subject: Re: Fw: signed kernel modules? From: Josh Boyer To: root@chaos.analogic.com Cc: gene.heskett@verizon.net, linux-kernel@vger.kernel.org, Roman Zippel , David Howells , "Rusty Russell (IBM)" , David Woodhouse , Greg KH , Arjan van de Ven , Joy Latten In-Reply-To: References: <27277.1097702318@redhat.com> <1097843492.29988.6.camel@weaponx.rchland.ibm.com> <200410151153.08527.gene.heskett@verizon.net> <1097857049.29988.29.camel@weaponx.rchland.ibm.com> Content-Type: text/plain Message-Id: <1097862366.29988.51.camel@weaponx.rchland.ibm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-7) Date: Fri, 15 Oct 2004 12:46:06 -0500 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 965 Lines: 26 On Fri, 2004-10-15 at 11:59, Richard B. Johnson wrote: > > The technical details are that "signed", "sealed", "certified", > relate to policy. For years policy was not allowed to be included in > the kernel. In recent times, the kernel has become filthy with > policy. I'd disagree. Do you consider SELinux to be policy as well just because it's in the kernel? As David said in his response, it's a mechanism. Whether _you_ choose to use it or not decides the "policy". That's why I said put a config option around it. You would still have _choice_. > it right. What's right for you is wrong for another. Absolutely. So why are you trying to prevent people that want to use module signing from doing so? josh - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/