> I disabled everything in the cryptographic section too, but I`ll enable
> it again (and report if bug comes back)
AFAIK - this shouldn't be a problem.
> 
> I have a lot EXPERIMENTAL in the network section because I need it.
Network stuff should be ok too.

Problematic things are in kernel hacking/debugging, and general features
(smp, 3-level pages, etc), watchdog? etc.

> My kernel does not support modules -> easier upgrades, just compile and
> edit a symlink than powercycle. its more secure too. because I have some
> users with root rights in their uml`s, so they could in theory (if they
> were smart and evil) compile some of the hostfs stuff as a module...
Yep, I do that too - and run them in a chroot with selinux, yet I am
pretty sure there are still some evil things that can be done just
with /proc/mm...

Antoine



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user

Reply via email to