From: Jesper Juhl <jesper.juhl@gmail.com>
To: "Valdis.Kletnieks@vt.edu" <Valdis.Kletnieks@vt.edu>
Cc: Joe Bob Spamtest <joebob@spamtest.viacore.net>,
Lee Revell <rlrevell@joe-job.com>,
linux-kernel@vger.kernel.org
Subject: Re: HZ question
Date: Thu, 15 Sep 2005 22:34:06 +0200 [thread overview]
Message-ID: <9a8748490509151334363cfd2d@mail.gmail.com> (raw)
In-Reply-To: <200509152019.j8FKJvAD025249@turing-police.cc.vt.edu>
On 9/15/05, Valdis.Kletnieks@vt.edu <Valdis.Kletnieks@vt.edu> wrote:
> On Thu, 15 Sep 2005 09:16:25 PDT, Joe Bob Spamtest said:
> > Lee Revell wrote:
> > > On Wed, 2005-09-14 at 12:00 +0800, Coywolf Qi Hunt wrote:
> > >
> > >>simply zgrep HZ= /proc/config.gz
> > >>on my box, I get CONFIG_HZ=1000
> > >
> > >
> > > Many distros inexplicably disable that by default.
> >
> > Their rationale is that knowing the kernel .config is a security threat.
>
> At least in Fedora, they ship a mode 644 config file in /boot:
>
> % ls -l /boot/config-2.6.13-1.1555_FC5
> 61 -rw-r--r-- 1 root root 60135 Sep 14 15:55 /boot/config-2.6.13-1.1555_FC5
>
> No need to include that in the kernel if it's right there on disk. Even Fedora
> doesn't believe in *that* much bloat. ;)
>
Or delete it from disk and include it in the kernel instead.
Having it in the kernel instead of as a sepperate file makes sense to
me; you'll never loose it as long as you have the actual kernel
around. Nothing like finding a problem with an older kernel and not
being able to duplicate the config with a newer one because you
deleted the .config at some point. With the config embedded in the
kernel that never happens...
As for the security issue with being able to read /proc/config.gz,
couldn't that be solved easily if that file had mode 0400 ?
--
Jesper Juhl <jesper.juhl@gmail.com>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
prev parent reply other threads:[~2005-09-15 20:34 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-13 12:48 HZ question Mark Hounschell
2005-09-13 13:46 ` linux-os (Dick Johnson)
2005-09-13 14:00 ` Mark Hounschell
2005-09-13 14:20 ` Tim Schmielau
2005-09-13 15:05 ` Mark Hounschell
2005-09-13 16:01 ` Tim Schmielau
2005-09-13 16:41 ` Mark Hounschell
2005-09-13 16:47 ` Mark Hounschell
2005-09-13 18:38 ` Stefan Smietanowski
2005-09-13 19:17 ` Mark Hounschell
2005-09-13 23:19 ` Daniel Barkalow
2005-09-13 17:34 ` john stultz
2005-09-13 19:15 ` Mark Hounschell
2005-09-14 4:15 ` George Anzinger
2005-09-13 20:13 ` jdow
2005-09-13 20:38 ` linux-os (Dick Johnson)
2005-09-15 1:29 ` Lee Revell
2005-09-13 14:07 ` Tim Schmielau
2005-09-14 4:00 ` Coywolf Qi Hunt
2005-09-15 1:20 ` Lee Revell
2005-09-15 16:16 ` Joe Bob Spamtest
2005-09-15 20:19 ` Valdis.Kletnieks
2005-09-15 20:34 ` Jesper Juhl [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9a8748490509151334363cfd2d@mail.gmail.com \
--to=jesper.juhl@gmail.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=joebob@spamtest.viacore.net \
--cc=linux-kernel@vger.kernel.org \
--cc=rlrevell@joe-job.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.