Date: Thu, 20 Jul 2000 11:28:05 -0700 From: Marcel Moolenaar <marcel@cup.hp.com> To: Warner Losh <imp@village.org> Cc: Robert Watson <rwatson@FreeBSD.ORG>, security-officer@FreeBSD.ORG, emulation@FreeBSD.ORG Subject: Re: Linuxulator and security [was: Re: cvs commit: src/sys/i386/linux linux_dummy.c linux_misc.c] Message-ID: <397744B5.513D3070@cup.hp.com> References: <39773DB3.D12C43C9@cup.hp.com> <39773728.7D94D63F@cup.hp.com> <Pine.NEB.3.96L.1000720125351.85018B-100000@fledge.watson.org> <200007201738.LAA91857@harmony.village.org> <200007201808.MAA92185@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote: > > : > I'm sure that if we could bring a more secure version of Linux than > : > Linux, we'd have widespread support. What things would break if we > : > did them more securely? > : > : Doing the same, but only more secure should not introduce breakages. The > : point is that you either won't be able to emulate or have to pay a > : performance penalty. The former prevents applications to run if they > : happen to use or depend on un-emulatable syscalls, the latter influences > : the usability of the Linuxulator at large. We have to be careful in our > : quest to make the Linuxulator secure that we do not render it useless > : due to a reduced application base and/or poor performance. > > But having security holes is not acceptible at all. I'm sorry if that > makes things run more slowly, but we are a secure OS and we take > security very seriously. I'm not necessarily disagreeing. All I'm saying is that we shouldn't just turn the wheel, U-turn and be done with it. There may be roadblocks we could have avoided if we simply took the next intersection... As I said to Robert in a private email (but slightly different): Issue raised. Point taken. Don't panic. > happen to the system. I don't have anything specific in mind, but > wanted to reiterate this point. I'll take a look at the linuxulator > as time allows and work with you to address concerns, if any, that I > find. Fair enough? Sure. -- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-emulation" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397744B5.513D3070>