Giacomo Catenazzi wrote:
quoted text
> What do technical and regulatory differences have "driver/LSM module" that
> is build-in and one that is modular?
> It seems to me silly to find difference.  A kernel with a new kernel module
> is a new kernel.
>   
*I* understand that, from a security and logic integrity point of view,
there is not much difference between a rebuilt-from-source kernel, and a
standard kernel from the distro with a new module loaded.

However, there is a big difference for other people, depending on their
circumstances.

    * Some people live in organizations where the stock kernel is
      required, even if you are allowed to load modules. That may not
      make sense to you, but that doesn't change the rule.
    * Some people are not comfortable building kernels from source. It
      doesn't matter how easy *you* think it is, it is a significant
      barrier to entry for a lot of people. Especially if their day job
      is systems or security administration, and not kernel hacking.

Think of it like device drivers: Linux would be an enterprise failure if
you had to re-compile the kernel from source every time you added a new
kind of device and device driver.

Crispin

-- 
Crispin Cowan, Ph.D.               http://crispincowan.com/~crispin/
	       Itanium. Vista. GPLv3. Complexity at work

-
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/