This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Proposal for PR 13128


On 09/28/2011 12:04 PM, Dave Brolley wrote:
> stapguru: full capability probing; still requires a signed module

> We can omit stapguru if the consensus is that it is overkill. The 
> conceptual difference between stapguru and stapdev is that stapguru says 
> "we trust you to write systemtap scripts, but we still want to know that 
> your module was compiled by a trusted systemtap implementation (i.e. we 
> don't trust you to load *any* module). Given the power of guru mode, 
> this distinction may not be useful.

I don't see that this sort of stapguru has any value.  If you're
permitted to write whatever garbage you want in embedded-C, then getting
that garbage signed doesn't make it any safer.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]