| |||||||||||||
"Stable" kernel 2.6.25.7 released"Stable" kernel 2.6.25.7 releasedPosted Jun 17, 2008 14:47 UTC (Tue) by PaXTeam (subscriber, #24616)In reply to: "Stable" kernel 2.6.25.7 released by nix Parent article: Stable kernel 2.6.25.7 released
i'm not assuming or interpreting anything, i speak of facts i have. for one, it's not a large number of people, it's the membership of secret lists which by its nature is quite limited. second, it doesn't take a lot of coordination when you're within your normal social circle anyway (the same kernel devs who interact on lkml, at conferences, real life, etc), it's normal human behaviour to stick to the flock lest you get ejected. so no, this is not a conspiracy (you've been caught again ;). speaking of facts, what do you have to say about the Paul Mackerras quote and its visible result in the commit message? what is your interpretation? why was he even raising the point of how candid he should be in the commit? > In fact your interpretation makes no sense at all: why would people > spend time coordinating to hide security holes when knowingly doing that > could have no consequence other than to harm the reputation of the > system they're working on? Doing that would be ridiculous. why would there be consequences when all of this can take place outside of the public eye, in a completely unaccountable manner? > Ergo, they aren't doing that: and you determined that by...? oh right, you didn't. why don't you go ask for the mailing list archives? that would surely answer all questions, do you agree? and if there's nothing bad to hide in there, there shouldn't be any objections to getting them.
(Log in to post comments)
"Stable" kernel 2.6.25.7 released Posted Jun 17, 2008 15:40 UTC (Tue) by nix (subscriber, #2304) [Link] Er, if the holes get exploited, of *course* there's a consequence. And if there's no possibility that the holes would be exploited, then modifying the commit messages to conceal the security-related nature of the commits makes no sense. You're blatantly contradicting yourself now. I've had enough of this thread.
"Stable" kernel 2.6.25.7 released Posted Jun 17, 2008 16:09 UTC (Tue) by PaXTeam (subscriber, #24616) [Link] > Er, if the holes get exploited, of *course* there's a consequence. > And if there's no possibility that the holes would be exploited, then > modifying the commit messages to conceal the security-related nature of > the commits makes no sense. i have absolutely no idea what you are talking about now. probably another of your strawmen, but just in case: you were trying to speculate why it makes no sense to downplay/hide security information in commit messages (mind you, a few posts below you argued the *opposite*, so much for contradiction ;) since that would only endanger the reputation of their work. except you forgot the little fact that such coverup took place in a secret list, hence there was no danger of exposure, on the other hand there was a perceived advantage of not getting bad PR about the many silently fixed security bugs. and now, out of the blue, you come with this commit message modification and how it makes no sense for bugs that don't have a security impact. guess what, if a bug cannot possibly be exploited then it doesn't have a security-related nature. that's a tautology and i'm not sure what you tried to say with that. incidentally, we weren't talking about bugs without security impact either. another strawman down ;). > You're blatantly contradicting yourself now. hmm, where? you're making no sense to me now, sorry. but feel free to elaborate. of course if you just wanted a cheap cop-out, let this rest.
"Stable" kernel 2.6.25.7 released Posted Jun 17, 2008 18:07 UTC (Tue) by nix (subscriber, #2304) [Link]
As I said, I'm dropping this because we're talking past each other. ('Cheap cop-out'.
Charming.)
|
|||||||||||||