|
|
Log in / Subscribe / Register

Security quote of the week

[Posted February 9, 2022 by corbet]

Adding knobs to disable features for unactionable security concerns gives a feel good in terms of security theatre, but it causes system unpredictability in that any given application now has to check if a feature is usable before it uses it and figure out what to do if it isn't available. The more we do it, the bigger the combinatoric explosion of possible missing features and every distro ends up having a different default combination.

The bottom line is it's much better to find and fix actual security bugs than create a runtime configuration nightmare.

James Bottomley
to post comments


Copyright © 2022, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds