From owner-cvs-all  Sun Feb 21 10:41:23 1999
Delivered-To: cvs-all@freebsd.org
Received: from heathers.stdio.com (heathers.stdio.com [199.89.192.5])
	by hub.freebsd.org (Postfix) with ESMTP id AA51610F37
	for <cvs-all@FreeBSD.ORG>; Sun, 21 Feb 1999 10:41:21 -0800 (PST)
	(envelope-from lile@stdio.com)
Received: from heathers.stdio.com (lile@heathers.stdio.com [199.89.192.5])
	by heathers.stdio.com (8.8.8/8.8.8) with ESMTP id NAA09627;
	Sun, 21 Feb 1999 13:22:42 -0500 (EST)
	(envelope-from lile@stdio.com)
Date: Sun, 21 Feb 1999 13:22:41 -0500 (EST)
From: Larry Lile <lile@stdio.com>
To: Luigi Rizzo <luigi@labinfo.iet.unipi.it>
Cc: phk@critter.freebsd.dk, julian@whistle.com, jkh@zippy.cdrom.com,
	cvs-all@FreeBSD.ORG
Subject: Re: Current status of the olicom fracas.
In-Reply-To: <199902211423.PAA14194@labinfo.iet.unipi.it>
Message-ID: <Pine.BSF.4.05.9902211315581.8061-100000@heathers.stdio.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk



On Sun, 21 Feb 1999, Luigi Rizzo wrote:

> > > I personally advocate the position that any instruction executed          
> > > on the CPU must be available in source form, and therefore this          
> 
> i second this position. The idea being that you might not trust a
> module and want to have a chance that it does not do bad things.

Fine, warnings could be issued at compile time.  Also, if deemed
necesary, warning could also be issued during the device probe.

> > Now how do we save the oltr driver and token-ring support for FreeBSD?
> 
> Perhaps this would be a good case for a "kernel patch" type of
> port, wouldn't it ?
> I know by experience that kernel patches are problematic because
> they are much harder to keep consistent with the system and/or other
> patches, but at least, by going this way, one really has to know
> what s/he does before using an external object module.

You are exactly right about that.  It is too difficult for networking
code in my opinion.  I just sent a reply to PHK with a possible solution.

> The other possibility would be to modify the config structure so that
> obkect-only modules can be clearly identified and either config or a
> kernel build loudly remarks the use of such a module.

I have no problem with that, as mentioned above.  But could I add
a compile option to knock them out?  The user would have to specify
it _explicity_ and by default it would complain.  That should alleviate
both security and aesthetic concerns.

Larry Lile
lile@stdio.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message