Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
exactly. i even gave you the links to the thread where you can read about it yourself. have you?
Posted Apr 25, 2009 12:36 UTC (Sat) by pjm (subscriber, #2080)
(I'll continue to spend some more time and space on this partly just for my own curiosity, and partly because there's a slim chance that exploring this might actually lead to a slightly better understanding of Linus' position; and maybe you'd like to understand why I or tialaramex have posted as we have.)
First of all, the easy case: has Linus literally said the words if we don't tell the bad guys about the bugs, they'll never find them ? I'd guess the answer is no, as this doesn't occur in the messages that you or Brad refer to, and a google search doesn't find it [other than here on this thread in LWN], and google does seem to find most other linux-kernel discussion; but maybe he said it in a different forum I'm not aware of that isn't indexed by google. If so, then that would clear things up straight away.
(Btw, I understand and even appreciate you asking to check with your correspondant that they have read the posts linked to: I know it's frustrating to discuss with someone who isn't actually giving thought to what you're saying. So yes, I had read the two posts you linked to, and also the posts that Brad referenced above and some of the surrounding posts, and I remember some of the discussion from when it last came up; though obviously I wouldn't be as closely familiar with the discussion as you and Brad, so thanks for having taken the time to post links to the relevant posts.)
Otherwise, do you believe that Linus either believes or has said that withholding information from commit messages will mean that no bad guy will know about any bug, or that no bug in Linux will be exploited in the wild ? (As distinct from believing merely that withholding information from commit messages will reduce how many bugs bad guys find out about, or reduce how many bugs will be exploited in the wild.)
Otherwise, do you think that there's no significant difference between saying "... then they'll never find them" and saying "... then fewer bad guys will ever find them" ?
There are some other possible reasons for our differing, but the above questions will do for now, if you too would like to continue to look into this. (I'll understand if you choose not to spend any more time on it.)
Posted Apr 25, 2009 19:14 UTC (Sat) by PaXTeam (subscriber, #24616)
for what to read: it's not only about the few posts we linked to, it's the entire flamewar on lkml and some 5 threads here on LWN, hundreds of posts altogether. i understand if you're less than inclined to read them though, but then don't expect me to repeat all what was said back then either (much to the delight of many readers i guess ;).
as for your other questions: i assume you're not involved in computer security which would expain why you missed the real meaning behind spender's quote. in short, it was slyly disparaging as Linus' publicly stated position and actual actions are so much disconnected from reality (it's not a matter of my or anyone's belief, it's of public record, so much so that it earned him this nomination last summer: http://pwnie-awards.org/2008/nominees.html#lamestvendor).
let me leave you with some food for thought: imagine someone with the ability to write exploits against kernel bugs. imagine further he can also determine just by looking at a given patch whether it fixed a (potentially) exploitable bug (potentially, since one cannot be sure until one actually tries it, kernel bugs usually aren't the easiest kind to exploit). now imagine that you give this person a list of patches without telling him what they do. do you actually believe that this will prevent him from picking out the ones fixing exploitable bugs? because that's exactly what Linus et al. have tried to argue in their desperate attempt at explaining why coverup is good. last but not least: imagine that a file system driver has a bug that can corrupt on-disk data. do you think the proper approach is to not tell the world about it? history says otherwise. now imagine you have a kernel memory corruption bug that can do the same by virtue of corrupting filesystem (meta)data (let's forget about the potential for privilege elevation). do you think it's prudent to not tell the world about it and vehemently argue why it is even a good thing? history says yes. now consider that a memory corruption bug is typically much easier to abuse for trashing random memory (including the filesystem stuff i mentioned) than it is to properly and reliably exploit for privilege elevation. as i said, just some food for thought...
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds