Igor Podlesny <[email protected]> wrote: > On Fri, 26 Apr 2019 at 22:58, Stuart Henderson <[email protected]> wrote: > > On 2019-04-26, Igor Podlesny <[email protected]> wrote: > > > Or would kernel's recompiling be needed anyways? > [...] > > Recompiling would be needed. > > > > If you want to try it, see faq 5 about fetching the source tree, > > add "ichwdt* at pci?" to /sys/arch/amd64/conf/GENERIC. then see faq 5 > > about building a kernel. > > Thanks for confirmation and brief how-to even. I'd like to clarify the matter > in > more general ways though. > > 1) Is it true that more or less fresh OpenBSD generic kernels come with > no support of any watchdog hw?
No. > > 2) I heard that kernel modules were intentionally rid of in OpenBSD > primarily due > security concerns -- did it really happen for that reason? No. > If so, and > I assume that > happened long ago, were there any developer's opinions to undo this? No. > Actually > even not taking crypto verification approach (modules signing) one > could always have > secure level increased high enough to cut down this vector of attacks > completely. Huh? crypto implies security is amateur logic. If only it were that simple, we'd add crypto to garbage and get secure garbage. > OTOH, it's well known that dynamic loading approach greatly expands > functionality of > OS and makes it more convenient to use. OK, then I am happy to inform you Linux has everything you want, except it also has a ton of other things you probably don't want ... alas.
