On lun., 2012-03-26 at 10:29 -0500, David Ehle wrote: > Hello, > > A bit of googling doesn't seem to produce much in the way of results on > this topic so I thought I would seek out opinions on the list. > > Please let me know if I'm making any false assumptions or showing a > mis-understanding of the issue: > > DKMS is becoming the "preferred" way to do things that require > building/rebuilding modules that don't come packaged with your current > kernel. > > DKMS requires compiler/build tools to be installed on the system to do its > thing. Wrong, afaict there's a mode where you build for other machines. > > Isn't having compilers/build tools considered a security "no no" if > possible to avoid? Everyone's free to do what she wants. > > Is this limiting the use of DKMS? > > How are you balancing the convenience (now sometimes "need") of DKMS vs > the risk of having compliers on servers? Answered above. > > If your saying "no," how are you getting the modules onto your secure > systems? > > If this is a "solved issue" could you direct me to good documentatin? dkms(8) looks like a good starting point. Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part