From: Linus Torvalds <torvalds@linux-foundation.org>
To: Rik van Riel <riel@redhat.com>
Cc: "Larry H." <research@subreption.com>,
Christoph Lameter <cl@linux-foundation.org>,
Stephen Smalley <sds@tycho.nsa.gov>,
linux-mm@kvack.org, Alan Cox <alan@lxorguk.ukuu.org.uk>,
linux-kernel@vger.kernel.org, pageexec@freemail.hu
Subject: Re: Security fix for remapping of page 0 (was [PATCH] Change ZERO_SIZE_PTR to point at unmapped space)
Date: Wed, 3 Jun 2009 09:47:23 -0700 (PDT) [thread overview]
Message-ID: <alpine.LFD.2.01.0906030944440.4880@localhost.localdomain> (raw)
In-Reply-To: <4A26A689.1090300@redhat.com>
On Wed, 3 Jun 2009, Rik van Riel wrote:
>
> Would anybody paranoid run their system without SELinux?
You make two very fundamental mistakes.
The first is to assume that this is about "paranoid" people. Security is
_not_ about people who care deeply about security. It's about everybody.
Look at viruses and DDoS attacks - the "paranoid" people absolutely depend
on the _non_paranoid people being secure too!
The other mistake is to think that SELinux is sane, or should be the
default. It's a f*cking complex disaster, and makes performance plummet on
some things. I turn it off, and I know lots of other sane people do too.
So the !SElinux case really does need to work.
Linus
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2009-06-03 16:47 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-30 19:28 [PATCH] Change ZERO_SIZE_PTR to point at unmapped space Larry H.
2009-05-30 22:29 ` Linus Torvalds
2009-05-30 23:00 ` Larry H.
2009-05-31 2:02 ` Linus Torvalds
2009-05-31 2:21 ` Larry H.
2009-06-02 15:37 ` Christoph Lameter
2009-06-02 20:34 ` Larry H.
2009-06-03 14:50 ` Security fix for remapping of page 0 (was [PATCH] Change ZERO_SIZE_PTR to point at unmapped space) Christoph Lameter
2009-06-03 15:07 ` Linus Torvalds
2009-06-03 15:23 ` Christoph Lameter
2009-06-03 15:38 ` Linus Torvalds
2009-06-03 16:14 ` Alan Cox
2009-06-03 16:19 ` Linus Torvalds
2009-06-03 16:24 ` Eric Paris
2009-06-03 16:22 ` Eric Paris
2009-06-03 16:28 ` Linus Torvalds
2009-06-03 16:32 ` Eric Paris
2009-06-03 16:44 ` Linus Torvalds
2009-06-03 15:11 ` Stephen Smalley
2009-06-03 15:41 ` Christoph Lameter
2009-06-03 16:18 ` Linus Torvalds
2009-06-03 16:28 ` Larry H.
2009-06-03 16:36 ` Rik van Riel
2009-06-03 16:47 ` Linus Torvalds [this message]
2009-06-03 17:16 ` Eric Paris
2009-06-03 17:28 ` Linus Torvalds
2009-06-03 17:31 ` Eric Paris
2009-06-03 17:24 ` Larry H.
2009-06-03 17:21 ` Larry H.
2009-06-03 22:52 ` James Morris
2009-06-03 17:29 ` Alan Cox
2009-06-03 17:35 ` Linus Torvalds
2009-06-03 18:00 ` Larry H.
2009-06-03 18:12 ` Linus Torvalds
2009-06-03 18:39 ` Larry H.
2009-06-03 18:45 ` Linus Torvalds
2009-06-03 18:50 ` Linus Torvalds
2009-06-03 18:59 ` Christoph Lameter
2009-06-03 19:11 ` Rik van Riel
2009-06-03 19:14 ` Eric Paris
2009-06-03 19:42 ` Christoph Lameter
2009-06-03 19:51 ` Eric Paris
2009-06-03 20:04 ` Christoph Lameter
2009-06-03 20:16 ` Eric Paris
2009-06-03 20:36 ` Christoph Lameter
2009-06-03 21:20 ` Linus Torvalds
2009-06-04 2:41 ` James Morris
2009-06-03 19:21 ` Alan Cox
2009-06-03 19:45 ` Christoph Lameter
2009-06-03 21:07 ` Alan Cox
2009-06-03 19:27 ` Linus Torvalds
2009-06-03 19:50 ` Christoph Lameter
2009-06-03 20:00 ` pageexec
2009-06-03 19:41 ` pageexec
2009-06-07 10:29 ` Pavel Machek
2009-05-30 22:32 ` [PATCH] Change ZERO_SIZE_PTR to point at unmapped space Peter Zijlstra
2009-05-30 22:51 ` Larry H.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LFD.2.01.0906030944440.4880@localhost.localdomain \
--to=torvalds@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cl@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pageexec@freemail.hu \
--cc=research@subreption.com \
--cc=riel@redhat.com \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox