> I disabled everything in the cryptographic section too, but I`ll enable > it again (and report if bug comes back) AFAIK - this shouldn't be a problem. > > I have a lot EXPERIMENTAL in the network section because I need it. Network stuff should be ok too.
Problematic things are in kernel hacking/debugging, and general features (smp, 3-level pages, etc), watchdog? etc. > My kernel does not support modules -> easier upgrades, just compile and > edit a symlink than powercycle. its more secure too. because I have some > users with root rights in their uml`s, so they could in theory (if they > were smart and evil) compile some of the hostfs stuff as a module... Yep, I do that too - and run them in a chroot with selinux, yet I am pretty sure there are still some evil things that can be done just with /proc/mm... Antoine ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ User-mode-linux-user mailing list User-mode-linux-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
