thoughts on modules-extra subpackage...
Chuck Ebbert
cebbert at redhat.com
Tue Dec 6 21:19:35 UTC 2011
On Fri, 2 Dec 2011 13:38:51 -0500
"John W. Linville" <linville at redhat.com> wrote:
> As for the stated benefits... I'm skeptical of the security argument.
> I mean, I can believe that a module could get accidentally or
> inadvertantly loaded and then exploited. I just think that closing
> those holes is a better plan.
Unfortunately, network modules will be autoloaded if a program opens
a socket with that protocol. They've talked about securing that, but
it never happened.
And there is a long history of security bugs being found in the new
and/or infrequently-used modules.
More information about the kernel
mailing list