Andre Hedrick wrote:
> > Andre, I quite grasp this. I stand by my earlier statement. If it can
> > be fixed, write the patch and put it in and go on with life. With all
>
> I wrote the patch but it is not wanted "ide.2.4.0-t5-2.all.4c.patch.bz2"
> I proved the tool to try and break it.
It is wanted and I'll definitely use it. Security is NEVER a 100%
guarantee, it's a leveraged risk. Everything that gives me more of the
advantage than the script kiddie, then by golly I'll have it.
> I tried and failed to get it in........
> It is so important that people need to be aware.
>
> > Everybody would be inherently safer from the malicious kiddie who
> > doesn't [yet] know how to break things and may never know.
>
> Not if you do not know about it and the protection is denied.
>
> > By carrying on about it for a week, it's a nice honeypot for that
> > malicious kiddie to search the archives and build a workable exploit to
> > destroy hardware.
>
> I exposed it because was exposed. And shown to me.
> I was not looking for this but it was shown to me and when I finally
> figured out what to make of it and do. Nothing happened...
Then try again. When the patch is sane, doesn't have adverse side affects,
gives benefits to the masses, etc, etc, then I'm sure it'll go in. Getting
a patch in is a sales pitch. Convince me why I need it and I'll put it in
my kernel. Convince Linus why everyone needs it and he'll put it in.
Speaking of the 100% factor, I'm sure with some ingenious thought, we can
figure out a way to block this pretty darn close to 100%, raw bit banging or
ioctl.
-d
-- "The difference between 'involvement' and 'commitment' is like an eggs-and-ham breakfast: the chicken was 'involved' - the pig was 'committed'."
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:17 EST