Torvalds On Pluggable Security Models

eldavojohn writes "The KernelTrap highlights an interesting discussion on pluggable security models including some commentary by Linus Torvalds. While Torvalds argued against pluggable schedulers, he's all for pluggable security. Other members were voicing concerns with the pluggable nature of the Linux Security Model, but Torvalds put his foot down and said it stays. When asked why his stance was different between schedulers and security, he replied, 'Schedulers can be objectively tested. There's this thing called 'performance,' that can generally be quantified on a load basis. Yes, you can have crazy ideas in both schedulers and security. Yes, you can simplify both for a particular load. Yes, you can make mistakes in both. But the *discussion* on security seems to never get down to real numbers. So the difference between them is simple: one is hard science. The other one is people wanking around with their opinions.'"

Well

[homey of my owney]

He's right.

wanking around

[Anonymous Coward]

I've been wanking around with pluggable opinions for years, and I turned out okay.

Awesome

[obeythefist]

"But the *discussion* on security seems to never get down to real numbers. So the difference between them is simple: one is hard science. The other one is people wanking around with their opinions"

Thanks Linus, that cracked me up. I've always felt that way about a lot of the stuff the security guys do. I'm gonna forward that to our local security guys and see what they think!

Re:Well

[Anonymous Coward]

Who's this linux fellow you're talking about?

I feel sorry for him to have such geeky parents, though.

Re:Well

[HeavensTrash]

Linux is arrogant and clueless? I didn't know an OS could have human traits.

What about

[sokoban]

That hot chick on Television who asks if I have worms, and sells antivirus software. That's one pluggable security model right there.

Bring deRaadt in for a consult

[e9th]

I mean, Theo's the security guy, right? I'm sure Linus would have no problem whatsoever agreeing to abide by his decision...

Re:Language abuse

[theNeophile]

"Wanking" is rough-slang English from England, and means 'masturbating'. But Torvalds sure ain't one of us.

All of the other words he used also come from England. How dare he!

Re:I stopped reading TFA

[Dr. Evil]

You'll reprioritize when your starving children become zombies and your parent tries to kill you.

Re:Well

[phantomfive]

Didn't you know? Software wants to be free. Information wants to be anthropomorphized.

Re:If you read all of it ...

[Ari Rahikkala]

Perhaps if people read all of Linus's email they would be more understanding and less quick to condemn him.

If I could read all of Linus's email, I think I would be more understanding of him wanting to be able to work with security models :p.

Re:Well

[Anonymous Coward]

> Security doesn't stop with setting the "evil bit".

There, fixed that...

Re:Need to plug goatse

[Zathruss]

Actually, that would be a security 'hole' now, wouldn't it?

Re:Well

[zeromorph]

I think he wrote Clippy.

Re:Well

[ShieldW0lf]

No it doesn't. Information hates being anthropomorphized.

Re:Language abuse

[CortoMaltese]

Speaking as someone from the same demographics as Linus, I can assure you that he's familiar with the meaning of the word.

Newsflash! Two nerds are familiar with wanking.