On Wed, Sep 19, 2007 at 09:56:35AM -0700, Andrew Sackville-West wrote: > your point is that an undocumented method of rebooting the computer is > a security issue not because of the rebooting but because of the lack > of documentation of a method of rebooting. I agree. you are right to > report this. > > I'm not sure how I feel about sysrq being on or off by default, but > documenting its existence is vastly more important than its default > configuration.
I think that it should be off by default, but set up in the kernel to be configurable with sysctl or something. Some people find it very useful who for the reason of testing a default kernel don't want to compile a custom one with the feature enabled. Others of us don't want to compile a kernel period but don't need the functionality. Isn't it a basic tennent of security that unused service/features/whatever should be turned off so that some unknown problem can't be exploited before it is discovered? Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
