User: Password:
|
|
Subscribe / Log in / New account

KS2010: Security

KS2010: Security

Posted Nov 5, 2010 15:16 UTC (Fri) by dlang (subscriber, #313)
In reply to: KS2010: Security by spender
Parent article: KS2010: Security

thank you for the clear statement.

if you don't feel and responsibility for anyone but your users and have no intent to try and push the fixes upstream,then your tree just became pretty irrelavent to linux security for anyone except for your users.

some people may choose to try and parse things apart to get them upstream, but very few people will want to try, so the security fixes that get into the kernel will be developed independantly (even though you will make a lot of noise each time someone recreates your work)

if you don't care about normal linux users, only your users, please quiet down about upstreams's policies, you've just said you don't care about anyone that uses it, so why should you care about it's policies?


(Log in to post comments)

KS2010: Security

Posted Nov 5, 2010 15:35 UTC (Fri) by spender (subscriber, #23067) [Link]

Because upstream's policies affect me and my users? I don't really need to explain the hierarchy and why "upstream" is called "upstream", do I?

-Brad

KS2010: Security

Posted Nov 5, 2010 15:55 UTC (Fri) by PaXTeam (guest, #24616) [Link]

> if you don't feel and responsibility for anyone but your users [...]

so first it's our fault that our code isn't accepted in vanilla for whatever reasons then it's also our fault that we still dare to make it available for anyone who cares. and to crown the absurdity, we're at fault for caring about these people. man, are you sure you have anything to do with security? i'm seriously worried about *your* users.

> [...]and have no intent to try and push the fixes upstream

maybe you're not a native speaker, but if you re-read spender's post carefully, you'll note that he made the cooperation conditional. it's the sentence that starts with the 'if' word, i'm sure you'll be able to find all one instance of it.

> [...]then your tree just became pretty irrelavent to linux security for anyone except for your users.

wait, are you saying grsec *was* relevant up to this very moment in time for anyone but grsec users? wow, i take it you won't elaborate but i smell magic here.

> even though you will make a lot of noise each time someone recreates your work

only if they 'forget' to credit the people for the ideas and/or the code or if they fuck up the implementation. just ask ingo ;).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds