User: Password:
Subscribe / Log in / New account

Not much of a flamewar at all

Not much of a flamewar at all

Posted Jul 17, 2008 0:01 UTC (Thu) by pr1268 (subscriber, #24648)
In reply to: Handling kernel security problems by PaXTeam
Parent article: Handling kernel security problems

Thanks for the reply and clarification. My use of the term "flamewar" was meant in the broadest sense of the word. My bottom paragraph describes how I perceived why you continued to post replies to the LKML even after many of the senior kernel devs had already pitched in on why they do things the way they do.

You're certainly welcome to you opinion that "there's an apparent need for [security problems being covered up]", and I partially agree with you in this matter, but continued discussions and debates on the LKML attempting to persuade insisting that the kernel devs change their ways may prove futile. Just my $0.02.

(Log in to post comments)

Not much of a flamewar at all

Posted Jul 17, 2008 0:45 UTC (Thu) by PaXTeam (guest, #24616) [Link]

oh, i think i know what you were thinking of as 'flamewar' then. basically, the program was
this: ask the kernel devs how they handle security bugs (what goes into the commits, what gets
announced, etc). once that was clear (essentially, not full-disclosure but non-disclosure, or
coverup), i got interested in why they decided that that was the best way for them. note i did
*not* want to change their minds per se, but as having some background and experience in
security, i thought maybe they based their decision on flawed assumptions (that i've seen so
many times) and if explained/corrected, they may rethink their position - or i would learn
something new. so i asked further about the justification for not including security info in
commits/announcements/etc and got all kinds of silly reasons that were easy to explain. that
it didn't have any effect and we ended up with 'we do it just because' is not my fault, nor do
i consider it a success to learn about their motives. so that's about it, we'll continue to go
different ways.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds