From owner-freebsd-questions@FreeBSD.ORG Tue Jun 29 03:35:12 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 866521065676 for ; Tue, 29 Jun 2010 03:35:12 +0000 (UTC) (envelope-from toby.richards@slo.courts.ca.gov) Received: from exprod7og125.obsmtp.com (exprod7og125.obsmtp.com [64.18.2.28]) by mx1.freebsd.org (Postfix) with SMTP id 21CDA8FC14 for ; Tue, 29 Jun 2010 03:35:11 +0000 (UTC) Received: from source ([171.74.39.14]) by exprod7ob125.postini.com ([64.18.6.12]) with SMTP ID DSNKTClp7oQF260wyXkzU6dGGughvKw2yHrJ@postini.com; Mon, 28 Jun 2010 20:35:12 PDT Received: from aocex016a.srv.courts-tc.ca.gov ([10.250.21.57]) by aocex006a.srv.courts-tc.ca.gov with Microsoft SMTPSVC(6.0.3790.4675); Mon, 28 Jun 2010 20:35:10 -0700 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 28 Jun 2010 20:34:10 -0700 Message-ID: <2D1FF82777560B40A2FDD2AD17C6FC219BBA@aocex016a.srv.courts-tc.ca.gov> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Question RE: Linux Mode Thread-Index: AcsXCqPQVQDdboEnQzGQSqAbquTKIQAMUwFH References: <2D1FF82777560B40A2FDD2AD17C6FC219BB8@aocex016a.srv.courts-tc.ca.gov> <20100628234113.9146fedf.freebsd@edvax.de> From: "Richards, Toby" To: "Polytropon" X-OriginalArrivalTime: 29 Jun 2010 03:35:10.0935 (UTC) FILETIME=[13E39670:01CB173C] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: RE: Question RE: Linux Mode X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jun 2010 03:35:12 -0000 So as far as I can tell, turning Linux Mode on exposes another threat = vector. Can I turn on Linux Mode ONLY for a single binary (the Flash = plugin)? -----Original Message----- From: Polytropon [mailto:freebsd@edvax.de] Sent: Mon 28-Jun-10 2:41 PM To: Richards, Toby Cc: freebsd-questions@freebsd.org Subject: Re: Question RE: Linux Mode =20 On Mon, 28 Jun 2010 13:57:33 -0700, "Richards, Toby" = wrote: > My question is this: If I turn on Linux mode, don't I sacrifice the > security, performance, and other benefits of the FreeBSD kernel vice > Linux? No. FreeBSD's "Linux mode" is nothing more or less than an ABI - an alternative binary interface. Linux programs "communicate" through this interface instead of FreeBSD's default one. Of course, there *are* security implications, as on Linux. Security limits are given by the FreeBSD infrastructure (e. g. "Flash" based malware trying to access system files -> no; defective "Flash" implementation causing a memory leak -> possible). I don't use "Flash" anymore so I can't be more specific. Last time I tried it worked nearly flawlessly with Firefox. A personal note: Sometimes, I found that Linux programs ran faster on FreeBSD Linux ABI than on native Linux, but as I'm not a regular Linux user, my opinion isn't worth more than 2 cent. :-) --=20 Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...