Re: thoughts on kernel security issues

From: John Richard Moser
Date: Tue Jan 25 2005 - 13:02:29 EST

Next message: Jirka Kosina: "[PATCH] fix linking of ip_nat_tftp.o and ip_conntrack_tftp.o"
Previous message: Jason Uhlenkott: "Re: LKCD on 2.6 IA64 Linux Kernel"
In reply to: Bill Davidsen: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bill Davidsen wrote:
> Linus Torvalds wrote:
>
>>
>> On Tue, 25 Jan 2005, Bill Davidsen wrote:
>>
>>> Unfortunately if A depends on B to work at all, you have to put A and
>>> B in as a package.
>>
>>
>>
>> No. That's totally bogus. You can put in B on its own. You do not have
>> to make A+B be one patch.
>
>
> No,perhaps it isn't clear. If A changes the way a lock is used (for
> example), then all the places which were using the lock the old way have
> to use it the new way, or lockups or similar bad behaviour occur.
>

Actually, the issue I was looking at was more focused on security
patches which implement multiple security countermeasures which do
precisely dick; except that they cover eachothers' flaws so that
together they create a real solution.

It's kind of like locking your front door, or your back door. If one is
locked and the other other is still wide open, then you might as well
not even have doors. If you lock both, then you (finally) create a
problem for an intruder.

That is to say, patch A will apply and work without B; patch B will
apply and work without patch A; but there's no real gain from using
either without the other.

> Did I say it more clearly? Some things, like locks, have to have all the
> players using the same rules.
>
>>
>>
>>> There is no really good way (AFAIK) to submit a bunch of patches and
>>> say "if any one of these is rejected the whole thing should be ignored."
>>
>>
>>
>> But that's done ALL THE TIME. Claiming that there is no good way is
>> not only disingenious (we call them "numbers", and they start at 1, go
>> to 2, then 3. Then there's usually a 0-patch which only contains
>> explanations of the series), but it's clearly not true, since we have
>> patches like that weekly.
>
>
> Again, I said later that it depends on the maintainer not to apply one
> part which won't work without the others. Not that it wasn't happening,
> but that there's nothing more formal than human talent. I don't regard
> that as a really good way, since it makes more work for maintainers.
>
> I really think the original post was reasonably clear that I was
> suggesting a more formal means of designating things which should be
> accepted as a unit, not whatever you rea into it.
>

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB9ol1hDd4aOud5P8RApVuAJ4jPnFcRGp7hThvmDefm6yUaDB4VACeOrqH
bSD9P/v/lyJiIZ675QJfFqY=
=EgxJ
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jirka Kosina: "[PATCH] fix linking of ip_nat_tftp.o and ip_conntrack_tftp.o"
Previous message: Jason Uhlenkott: "Re: LKCD on 2.6 IA64 Linux Kernel"
In reply to: Bill Davidsen: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]