Page 2 of 25 FirstFirst 123412 ... LastLast
Results 11 to 20 of 247

Thread: KDBUS & Systemd Now Yields A Working System

  1. #11

    Default

    Quote Originally Posted by JS987 View Post
    Moving code from user space into kernel will make security worse.
    That isn't a very useful comment since kernel developers have explained precisely how it does improve security and I have already linked to that

    https://lwn.net/Articles/551969/

  2. #12
    Join Date
    Sep 2012
    Posts
    328

    Default

    Quote Originally Posted by RahulSundaram View Post
    That isn't a very useful comment since kernel developers have explained precisely how it does improve security and I have already linked to that
    Security hole in kernel code can have bigger impact than security hole in user space code. Kernel developers don't really care about security.
    Last edited by JS987; 12-27-2013 at 04:51 PM.

  3. #13
    Join Date
    Jan 2013
    Posts
    525

    Default

    It really pains me to see that more and more Linux interfaces are available only under systemd, this refactoring of interfaces will make porting to non-Linux platforms almost impossible in the near future.

  4. #14
    Join Date
    Jun 2011
    Posts
    267

    Default

    Quote Originally Posted by RahulSundaram View Post
    That isn't a very useful comment since kernel developers have explained precisely how it does improve security and I have already linked to that

    https://lwn.net/Articles/551969/
    There full of shit, and to prove it the following statement is laughable at best "It chose D-Bus because it is well-documented, well-understood" <-- That's why most people use ZeroMQ IPC/INPROC with Google Protobuf. Also kdbus was a student project that was rejected once before, it was then abandoned. This is all about Greg Kroah-Hartman and what he wants.

  5. #15

    Default

    Quote Originally Posted by zester View Post
    There full of shit, and to prove it the following statement is laughable at best "It chose D-Bus because it is well-documented, well-understood" <-- That's why most people use ZeroMQ IPC/INPROC with Google Protobuf. Also kdbus was a student project that was rejected once before, it was then abandoned. This is all about Greg Kroah-Hartman and what he wants.
    So many factual inaccuracies in so few sentences. The current kdbus project was written from scratch and no student was involved in it and what if they were? Even Linux kernel was written by a student in the first place! D-Bus is the most widely used IPC system in Linux and installed by default in most Linux systems far more than any ZeroMQ or Google Protobuf, neither of which are even really comparable. Also current development of kdbus isn't done by Greg KH at all. If you have done any IPC programming, your comments would make more sense.

  6. #16

    Default

    Quote Originally Posted by JS987 View Post
    Security hole in kernel code can have bigger impact than security hole in user space code. Kernel developers don't really care about security.
    kdbus is a simpler protocol than dbus-daemon and integration with things like namespaces only help with better security. Kernel security isn't a binary thing and sometimes userspace can have a much bigger impact than kernel bugs. It really depends on what kind of security hole it is. For instance, BIND bugs caused havoc a few years back more than any Linux kernel issue ever did. While Linux kernel security could certainly better, it is very much incorrect to claim that kernel developers don't care about security. Some developers work on it very diligently including say Kees Cook, Dan, James Morris and several others. The solution isn't to hide your head in the sand. It is to provide the functionality that developers need and IPC mechanisms are pretty core to what is needed for Linux as a platform.

  7. #17
    Join Date
    Jun 2011
    Posts
    267

    Default

    Quote Originally Posted by RahulSundaram View Post
    So many factual inaccuracies in so few sentences. The current kdbus project was written from scratch and no student was involved in it and what if they were? Even Linux kernel was written by a student in the first place! D-Bus is the most widely used IPC system in Linux and installed by default in most Linux systems far more than any ZeroMQ or Google Protobuf, neither of which are even really comparable. Also current development of kdbus isn't done by Greg KH at all. If you have done any IPC programming, your comments would make more sense.
    Kdbus was in fact a student project, it was not written from scratch by the kernel team. Sorry to tell you this but D-Bus might be the most widely installed IPC but its the least used IPC in linux. ZeroMQ and Google Protobuf might not have all the features of D-Bus but most of those advanced features are rarely even used even in D-Bus. And
    D-Bus doesn't even come close to ZeroMQ is usage share not even close.

    Even when comparing D-Bus vs ZeroMQ in the IPC arena for every one D-Bus Desktop application there is 1000+ ZeroMQ network applications using its native IPC there.

    Go take your fanboy bullshit someplace else.

  8. #18
    Join Date
    Jun 2011
    Posts
    267

    Default

    Quote Originally Posted by RahulSundaram View Post
    kdbus is a simpler protocol than dbus-daemon and integration with things like namespaces only help with better security. Kernel security isn't a binary thing and sometimes userspace can have a much bigger impact than kernel bugs. It really depends on what kind of security hole it is. For instance, BIND bugs caused havoc a few years back more than any Linux kernel issue ever did. While Linux kernel security could certainly better, it is very much incorrect to claim that kernel developers don't care about security. Some developers work on it very diligently including say Kees Cook, Dan, James Morris and several others. The solution isn't to hide your head in the sand. It is to provide the functionality that developers need and IPC mechanisms are pretty core to what is needed for Linux as a platform.
    Well I would hope it was a simpler api lol, full on D-Bus sitting in the kernel would be insane. Ummmm IPC and Security don't compute sorry IPC is anti-security by default, not saying we shouldn't use it but to putting it in the kernel on a system that isn't locked down is stupid. And kdbus's api is odd and still overly complex for something so sensitive to kernel security.

  9. #19

    Default

    Quote Originally Posted by zester View Post
    Well I would hope it was a simpler api lol, full on D-Bus sitting in the kernel would be insane. Ummmm IPC and Security don't compute sorry IPC is anti-security by default, not saying we shouldn't use it but to putting it in the kernel on a system that isn't locked down is stupid. And kdbus's api is odd and still overly complex for something so sensitive to kernel security.
    What experience do you have to back up your claims?

  10. #20
    Join Date
    Sep 2008
    Location
    Seattle, WA, US
    Posts
    103

    Default

    Quote Originally Posted by zester View Post
    <snip crazy ranting>
    Go take your fanboy bullshit someplace else.
    Heh, irony.
    Good to know I can killfile you without loosing anything though.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •