User: Password:
Subscribe / Log in / New account Release notes Release notes

Posted Feb 25, 2010 22:42 UTC (Thu) by PaXTeam (guest, #24616)
In reply to: Release notes by nix
Parent article: Release notes

> *if people realise at fix time that they are filesystem corruption bugs*.

aha. and "if people realise at fix time that they are security bugs" they... don't mark them as such. not only that, they even try to explain why that's a good thing. now you tell me why the same arguments don't apply to filesystem corruption bugs (and many others, i just picked an obvious one for this exercise). or more to the point, why the arguments for marking known filesystem corruption bugs don't apply to known security bugs. btw, i'm glad that after years of misunderstanding you're slowly getting it ;).

> [...]because at least there are broad regions of the kernel where bugs
> are unlikely to affect filesystems,

anything that can result in kernel memory corruption, in those broad regions of the kernel included, has a fair chance to trash filesystem related (meta)data as well. speaking of which, by the same token if said memory corruption bugs are not marked for security, they should at least be marked for potential filesystem corruption but not even that is done.

> btw, nice to see you're vilely rude to everyone, not just me

i wasn't rude to you, you yourself admitted that you sometimes post under the influence of drugs that you later regret. i was merely wondering if the same happened here as well because you so obviously posted crap about something that wasn't ever said (you're welcome to prove your post with quotes from us).

> (and fifty seconds' googling would make it clear that he's had multiple
> real jobs in the free software community.

make it 5 seconds, but then we've got bigger skill differences i guess ;). and yes, i know where he teaches and it's also clear that he has no idea whatsoever about how a real corporation works where people have real responsibilities and the "Questions are optional, patching isn't" mentality doesn't fly in *any* production environment i've ever seen (hint: it's not how RH/Novell work either). but someone like you should know better than defending such a stand.

> He gives out his real name, you see.

this coming from an anonymous coward sounds just way too funny ;).

(Log in to post comments) Release notes

Posted Feb 25, 2010 23:09 UTC (Thu) by nix (subscriber, #2304) [Link]

aha. and "if people realise at fix time that they are security bugs" they... don't mark them as such.
And I agree that that is a bad thing, and have said so repeatedly, although I'd understand it if you were too busy sniping to actually read what I write.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds