Re: Maintaining kernel source in sarge
On Sat, May 24, 2003 at 08:42:39PM +0200, Christoph Hellwig wrote:
> On Sat, May 24, 2003 at 02:34:17PM -0400, Matt Zimmerman wrote:
> > What benefit is there in not announcing these problems? Security
> > through obscurity? How can we inform our users of their exposure when
> > we are not informed ourselves about security problems?
>
> Noise. You can't announce every possibly security-related fix found by
> an audit - note that it's not clear whether it actually _is_
> security-relevant at this point and certainly no one wrote an exploit for
> it.
You certainly can; other projects do. The presence of an exploit is
irrelevant; we fix vulnerabilities all the time for which no exploit
necessarily exists.
It's not noise at all when it's something that we and others (desperately!)
want to know about.
> > It is unfortunate if this must sometimes happen, but hopefully it is an
> > exception, and in those cases we will need to rebuild modules and
> > provide for both kernel images to be installed at once.
>
> It's not an exception. Fixes can and will change the ABI all the time.
> You should not expect to be able to load a binary kernel module into _any_
> other one than the one it was compiled against. Sometimes security fixes
> may even break the source API. (remember the dcache issues in
> 2.2.<early>?).
Compatibility is often broken for many other reasons as well; this does not
mean that it is necessary for our purposes.
--
- mdz