If I recall it correctly from back when Linus had this discussion way back when, one of the points he made that this article didn't bring up is that there are hundreds of Linux bugs and bug fixes which aren't known to be security holes and security fixes at the time they are fixed.
Therefore, if you are relying on commit messages to have a big "Security Fix Here" tag so that you know when to upgrade your kernel, you will be insecure anyway.
Posted Jan 28, 2012 0:50 UTC (Sat) by neilbrown (subscriber, #359)
This is undoubtedly true.
As a general rule, many commit messages are not as informative as they could be or should be. Andrew Morton regularly rants about this. I personally find that writing a good commit message helps me find problems with the commit often enough that it is clearly worthwhile. It seems that others don't :-(
So commit messages don't guarantee anything, and they could certainly be better.
But that doesn't excuse removing security related information from commit messages, or deliberately leaving it out. We should always include anything useful that we know. We cannot justify leaving info out because some other commit message doesn't have that kind of info.
So sure: if people only back-port commits which say "bug fix" or "security issue" in the commit message, then they are being foolish. But it is not our place (or Linus' place) to stop people from being foolish.
It *is* our place to make the code and the code-history as easy to understand and maintain as possible.
A missed point
Posted Jan 28, 2012 0:54 UTC (Sat) by PaXTeam (subscriber, #24616)
Linus' argument isn't about being secure/insecure by selectively backporting patches per se (it's not a boolean property) but whether one's more or less secure/insecure by doing selective backporting or just flowing with his git HEAD. By covering up security fixes he effectively makes that choice for everyone, and that doesn't fly well with people who believe they know better (by virtue of not providing kernels based on his git HEAD to their users, which I believe covers about 99.99999% of all Linux users).
A missed point
Posted Feb 9, 2012 11:45 UTC (Thu) by kevinm (guest, #69913)
In particular, *any* wild pointer write or use-after-free bug in any random driver should be considered a security bug.