Hagen Paul Pfeifer wrote:
* John Heffner | 2006-10-26 13:29:26 [-0400]:
My reservation in doing this would be that as an administrator, I may
want to choose exactly what congestion control is available any any
given time. The different congestion control algorithms are not
necessarily fair t
* John Heffner | 2006-10-26 13:29:26 [-0400]:
>My reservation in doing this would be that as an administrator, I may
>want to choose exactly what congestion control is available any any
>given time. The different congestion control algorithms are not
>necessarily fair to each other.
ACK, comp
From: John Heffner <[EMAIL PROTECTED]>
Date: Thu, 26 Oct 2006 13:29:26 -0400
> My reservation in doing this would be that as an administrator, I may
> want to choose exactly what congestion control is available any any
> given time. The different congestion control algorithms are not
> necessa
From: Evgeniy Polyakov <[EMAIL PROTECTED]>
Date: Thu, 26 Oct 2006 18:57:13 +0400
> It just calls /sbin/modprobe, which in turn runs tons of scripts in
> /etc/hotplug, modprobe and other places...
> In the paranoid case we should not allow any user to load kernel
> modules, even known ones. Should
My reservation in doing this would be that as an administrator, I may
want to choose exactly what congestion control is available any any
given time. The different congestion control algorithms are not
necessarily fair to each other.
If the modules are autoloaded, I could still enforce this b
Stephen Hemminger wrote:
> No capability check needed. Any additional paranoia belongs in /sbin/modprobe.
>
> There seems to be lots of existing usage where a user can cause a module
> to be loaded (see bin_fmt, xtables, etc).
x_tables is restricted to CAP_NET_ADMIN, but in net/ alone we have
__
On Thu, 26 Oct 2006 18:57:13 +0400
Evgeniy Polyakov <[EMAIL PROTECTED]> wrote:
> On Thu, Oct 26, 2006 at 07:34:57AM -0700, Stephen Hemminger ([EMAIL
> PROTECTED]) wrote:
> > Evgeniy Polyakov wrote:
> > >On Wed, Oct 25, 2006 at 11:08:43AM -0700, Stephen Hemminger
> > >([EMAIL PROTECTED]) wrote:
>
On Thu, Oct 26, 2006 at 07:34:57AM -0700, Stephen Hemminger ([EMAIL PROTECTED])
wrote:
> Evgeniy Polyakov wrote:
> >On Wed, Oct 25, 2006 at 11:08:43AM -0700, Stephen Hemminger
> >([EMAIL PROTECTED]) wrote:
> >
> >>If user asks for a congestion control type with setsockopt() then it
> >>may be a
Evgeniy Polyakov wrote:
On Wed, Oct 25, 2006 at 11:08:43AM -0700, Stephen Hemminger ([EMAIL PROTECTED])
wrote:
If user asks for a congestion control type with setsockopt() then it
may be available as a module not included in the kernel already.
It should be autoloaded if needed. This is do
On Wed, Oct 25, 2006 at 11:08:43AM -0700, Stephen Hemminger ([EMAIL PROTECTED])
wrote:
> If user asks for a congestion control type with setsockopt() then it
> may be available as a module not included in the kernel already.
> It should be autoloaded if needed. This is done already when
> the de
Stephen Hemminger wrote:
> If user asks for a congestion control type with setsockopt() then it
> may be available as a module not included in the kernel already.
> It should be autoloaded if needed. This is done already when
> the default selection is change with sysctl, but not when application
If user asks for a congestion control type with setsockopt() then it
may be available as a module not included in the kernel already.
It should be autoloaded if needed. This is done already when
the default selection is change with sysctl, but not when application
requests via sysctl.
Only reser
12 matches
Mail list logo
