Re: thoughts on kernel security issues

From: Dave Jones
Date: Thu Jan 13 2005 - 16:42:36 EST

Next message: Linus Torvalds: "Re: security contact draft"
Previous message: Bernd Eckenfels: "Re: NUMA or not on dual Opteron"
In reply to: Marek Habersack: "Re: thoughts on kernel security issues"
Next in thread: Marek Habersack: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 13, 2005 at 10:02:29PM +0100, Marek Habersack wrote:
> Theory is fine, practice is that the closed disclosure list changes matters
> for a vaste minority of people - those who are to install the fixed kernels
> are in perfectly the same situation they would be in if there was a fully
> open disclosure list.

No, it's not the same. They're in a _worse_ situation if anything.
With open disclosure, the bad guys get even more lead time.

If admins don't install updates in a timely manner, there's
not a lot we can do about it. For those that _do_ however,
we can make their lives a lot more stress free.

Dave

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: security contact draft"
Previous message: Bernd Eckenfels: "Re: NUMA or not on dual Opteron"
In reply to: Marek Habersack: "Re: thoughts on kernel security issues"
Next in thread: Marek Habersack: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]