On Thu, Feb 10, 2022 at 08:09:03PM -0500, Bryan Steele wrote:
> I wouldn't be so hard on yourself, this is honestly pretty silly. If I
> understand things right, it means that if any addition access rights
> are added later on, that they would be allowed until all software has
> been explictly updated to deny it. That seems like a closed-open design,
> no?

I doubt it would be easy to push a fail-closed design into the Linux ecosystem.
It works well for OpenBSD because its developers control 100% of the stack,
minus applications in ports (though even those can also always be patched).
And we help each other to fix breakage that results from sweeping changes.

Whereas the Linux model encourages fierce competition between its developers,
each working in competing subsystems in isolation from all other parts of the
system (both in terms technical and community boundaries).

I remember the days when you asked around what filesystem to use on Linux,
and everyone would give you a different answer. It seems that eventually ext4
came out on top but that took how many years? Feels like a decade or two.

When the only common agreement is a kernel ABI that must remain backwards
compatible forever and is not allowed to break applications, anything that
could result in run-time errors that cannot be easily disabled is unlikely
to get very far.