| |||||||||||||
Read the followup by pagexecRead the followup by pagexecPosted Jun 11, 2011 22:33 UTC (Sat) by mingo (subscriber, #31122)In reply to: Read the followup by pagexec by spender Parent article: Quotes of the week
Just because you say they don't mention a bug fixes booting issues, or filesystem corruption, doesn't make it the case.Well, in my 15+ years of kernel maintenance experience, developers are generally very bad at writing changelogs, so yes, even if developers are aware of some serious side-effect, they more often than not do not properly mention it in the changelog. You mention boot crashes: i'm an arch maintainer so i look after lowlevel code which is literally a magnet for boot crashes, and the majority of boot crash fixes come to me with a change-log that does not mention this fact - often i have to reconstruct it myself. If you ever were in the position to write features and fix bugs for a big and popular OSS project you'd realize that it's a pretty natural process: developers are happy that they fixed the bug, they describe how they fixed it and what the behaviour now is - then they move on, they don't live in the past trying to figure out what other side-effects a bug might have and they don't try to find ways to break into the system. They just spent hours or days debugging some bug and want to move on, so writing the changelog is often only an afterthought. Linux is also very international, so often there's a language barrier that reduces the willingness of developers to write good changelogs and which degrades the quality of changelogs. There's exceptions, but it's rare. Come on, this is ridiculous. I'm not going to argue with someone so detached from reality. I think you are the one detached from reality - you clearly have absolutely no idea how Linux kernel developers think when they write fixes and in this discussion you have demonstrated that you have no idea how the Linux kernel development process works. To compound your mistake you also insult almost everyone who happens to disagree with you. I hope you behave in a different way with your loved ones.
(Log in to post comments)
Read the followup by pagexec Posted Jun 12, 2011 12:18 UTC (Sun) by nix (subscriber, #2304) [Link] To compound your mistake you also insult almost everyone who happens to disagree with you.This is particularly foolish, because it goes directly against his primary goal, which is to get developers writing code with security in mind (well, OK, his *other* primary goal is to get credit come what may, but that is endemic in the security field so can be disregarded). Unfortunately he is so unpleasant when doing it that virtually everyone who might benefit from his instruction is so turned off by his supercilious and venomous interaction style that they rapidly disregard everything he says, if they don't just killfile him and leave it at that. I'm not a security person, just someone writing low-level userspace code some of which is network-exposed, i.e. just the sort of person he might be interested in educating, you'd think. When he started posting here I had no idea who he was. Within about fifty posts I'd realised that he obviously knew his stuff, but his interaction style was so unpleasant and so predicated on never admitting error and never giving anyone the benefit of the doubt that by that point I wouldn't believe him if he said the sky was blue. And I don't think I'm particularly unusual. Even people who can cope with the... robust interactions on the l-k list get turned off by the spender style: the vast number of good developers who don't go near l-k because it's too unpleasant are not even going to consider paying attention to spender, because listening to his security lessons is like wading through acid. Nobody wants their lessons interspersed with commentary on how stupid and foolish they are, and how they are engaging in coverups against the public good (though that last is more PaXTeam's shtick). There's a reason decent teachers don't attack their students. I have an aunt who communicates in a similar style to spender. Or she would, if she could -- nobody talks to her. Nobody wants to.
Read the followup by pagexec Posted Jun 12, 2011 12:56 UTC (Sun) by spender (subscriber, #23067) [Link]
Call it whatever you like, I don't suffer fools gladly. In my view, you're like a child that walks into an advanced mathematics course and wants to talk over the professor the entire time because you foolishly think you have something immensely important to say.
You have a lot of comments about my ability as a teacher; I have some advice for you as well: a wise student knows to do his/her homework and when to be quiet and listen.
BTW while you all were busy spouting nonsense, I just backported a couple security fixes that didn't make it into -stable. In the one case, it made it into .39-stable but was left out of .32-longterm. Oh, and the fixes were all months old. But hey, forget objective evidence, here talking out of your ass about how people are running kernels that have all the bugs fixed is king, so suit yourselves.
Times like these remind me of the cognitive dissonance demonstrated here: http://lwn.net/Articles/290964/ and this post from the PaX team: http://lwn.net/Articles/290968/
See you next year.
-Brad
Read the followup by pagexec Posted Jun 12, 2011 13:14 UTC (Sun) by mingo (subscriber, #31122) [Link] BTW while you all were busy spouting nonsense, I just backported a couple security fixes that didn't make it into -stable. In the one case, it made it into .39-stable but was left out of .32-longterm. Oh, and the fixes were all months old. But hey, forget objective evidence, here talking out of your ass about how people are running kernels that have all the bugs fixed is king, so suit yourselves. You make a quite elementary mistake of logic here: why do you assume that -stable backports are perfect? It's a human process and human processes are never perfect. Our argument is that adding CVEs to change-logs and treating security bugs differently from other bugs is counter-productive, for all the reasons we outlined. You never addressed that simple argument heads on in this thread - and i submit that you cannot.
Read the followup by pagexec Posted Jun 12, 2011 13:30 UTC (Sun) by mingo (subscriber, #31122) [Link] I have a very simple question to people like you who seem to suffer from excessive narcissism: please name three other persons who are smarter and more capable than you, in the field you work in. (In most cases they are utterly unable to answer that question honestly.)
Read the followup by pagexec Posted Jun 12, 2011 13:55 UTC (Sun) by nix (subscriber, #2304) [Link] Call it whatever you like, I don't suffer fools gladly. In my view, you're like a child that walks into an advanced mathematics course and wants to talk over the professor the entire time because you foolishly think you have something immensely important to say.My apologies for daring to post in any thread you have chosen to grace with your mighty presence, sire. I should have known my place, at the bottom forever, and kept silent while the adults were talking, never daring to venture comment, since that's how the free software world works. (btw, professors really do not act like you do.) I will shut up now, because this is verging on a flame, even if a justified one.
Read the followup by pagexec Posted Jun 12, 2011 14:05 UTC (Sun) by nix (subscriber, #2304) [Link]
Apologies to Jon for lowering the tone of the discussion on LWN possibly even more than spender already had. I've filtered spender and PaXTeam out on the grounds that though they may occasionally post worthwhile things, most of their comments have me shaking with anger in seconds, so it's probably bad for my health for me to read any more of them. I will not contribute further to lowering the S/N ratio when they appear.
Because driving students away forever shaking with anger is what a good professor does.
Malicious content detected Posted Jun 21, 2011 5:07 UTC (Tue) by gabucino (guest, #72504) [Link]
WARNING: the comment above was posted from an insecure operating system, therefore considered potentially harmful.
|
|||||||||||||