Re: [PATCH 1/3] decnet: Move to staging
From: Stephen Hemminger <shemminger@vyatta.com>
Date: Mon, 22 Nov 2010 20:31:31 -0800
> On Tue, 23 Nov 2010 03:51:53 +0000
> Ben Hutchings <ben@decadent.org.uk> wrote:
>
>> Recent review has revealed several bugs in obscure protocol
>> implementations that can be exploited by local users for denial of
>> service or privilege escalation.
>>
>> The decnet protocol (PF_DECnet) is unmaintained. Since 2.6.12-rc2 the
>> only changes appear to be adjustments for net API changes and fixes
>> for bugs found by inspection.
>>
>> This protocol generally should not be enabled by distributions, since
>> the cost of a security flaw affecting all installed systems presumably
>> outweighs the benefit to the few (if any) legitimate users.
>>
>> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
>
> NAK there are still users and stuff does get fixed.
> If you don't like it then disable it from config.
Seriously, I can't even remember a bonifides security flaw in decnet
being found recently and in fact the decnet stack is very well written
code.
Reply to: