User: Password:
|
|
Subscribe / Log in / New account

Why not follow that rule then?

Why not follow that rule then?

Posted Jul 17, 2008 2:41 UTC (Thu) by bojan (subscriber, #14302)
Parent article: Kernel security problems: a response

> As Linus and others have noted, marking some bugs as being "security-related" is not
helpful, especially as not everyone can even agree - or sometimes even know at release time -
whether a bug has security implications or not.

If above is true, then saying:

> any user of the 2.6.25 kernel on x86-64 with untrusted local users is very STRONGLY
recommended to upgrade

Is clearly not following that. In other words, you are saying that this is a security issue
(keywords: "untrusted users", "very STRONGLY ... upgrade"), just using slightly different
language.

So, why was this marked as "security fix" if Linus and others say that doing that is not
helpful at all? Just release the things with no comment then.


(Log in to post comments)

Why not follow that rule then?

Posted Jul 18, 2008 7:42 UTC (Fri) by dgm (subscriber, #49227) [Link]

Because he said "some bugs" and not "any bugs".


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds