[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH 3/3] x25: Move to staging

There are users of linux X.25 for production environments, please don't..
It works well enough, there have been some X.25 over TCP bits of code
floating around the Internet and mailing lists.
There is an x25 loopback device on sourceforge using tuntap which I
have been using to test slowly removing the bkls.


On Tue, Nov 23, 2010 at 3:31 PM, Stephen Hemminger
<shemminger@vyatta.com> wrote:
> On Tue, 23 Nov 2010 03:55:28 +0000
> Ben Hutchings <ben@decadent.org.uk> wrote:
>> Recent review has revealed several bugs in obscure protocol
>> implementations that can be exploited by local users for denial of
>> service or privilege escalation.
>> The x25 protocol (PF_X25) receives only 'odd fixes'.  There appear to
>> be no published applications for it, and it has never progressed
>> beyond 'experimental' status.
>> This protocol generally should not be enabled by distributions, since
>> the cost of a security flaw affecting all installed systems presumably
>> outweighs the benefit to the few (if any) legitimate users.
>> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
>> ---
>> I'm somewhat less sure about this one; maybe it's improving?  But there
>> is little enough sign of any usefulness after 10 years.
>> There are several X25 dependencies that presumably should be moved too.
> No. If you don't like it then don't enable it.

Reply to: