|
|
Subscribe / Log in / New account

Dirty COW and clean commit messages

Dirty COW and clean commit messages

Posted Oct 21, 2016 18:29 UTC (Fri) by smoogen (subscriber, #97)
In reply to: Dirty COW and clean commit messages by ware
Parent article: Dirty COW and clean commit messages

It is simple. Just say what you know when you make the commit. If you know the problem has security implications, then say it. If you don't then don't. Trying to hedge around a bug that you know has security implications is ridiculous because of the following items.

1. There are hundreds of red teams out there tearing apart every kernel to see what advantage they can get. They will either figure it out when you close off a working exploit they already had or when they see the commit.

2. The vast number of linux users aren't going to be left out of the cold because there was no time window between the commit and it being know to fix a security problem. They are going to be left out because their phone company will never ship them an updated kernel... and no amount of information blackout window is going to fix that.

to post comments

Dirty COW and clean commit messages

Posted Oct 22, 2016 1:33 UTC (Sat) by bojan (subscriber, #14302) [Link]

Spoken with such clarity and simplicity! +1


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds