which prompted this reply from Linus:You argued against pluggable schedulers, right?
Why is security different?
(For the whole exchange, see http://kerneltrap.org/Linux/Pluggable_Security).Schedulers can be objectively tested. There's
this thing called "performance", that can
generally be quantified on a load basis.
Yes, you can have crazy ideas in both schedulers
and security. Yes, you can simplify both for a
particular load. Yes, you can make mistakes in
both. But the *discussion* on security seems to
never get down to real numbers.
So the difference between them is simple: one
is "hard science". The other one is "people
wanking around with their opinions".
Once again, information security proponents get blasted for being unable to objectively back up their cases. We have got to get away from basing so much of what we do on opinion; so often, when called on this, we end up looking like an emperor who just lost his clothes. And it's happening more and more often.