Re: [stable] Linux 2.6.25.10
From: Greg KH
Date: Wed Jul 16 2008 - 12:33:33 EST
On Wed, Jul 16, 2008 at 05:43:15PM +0200, pageexec@xxxxxxxxxxx wrote:
> > Take a look at the words I used, if someone can't determine if they
> > should upgrade or not based on that,
>
> your carefully chosen words are *wrong* in fact.
I do not think so, but you are free to disagree.
> exploiting local bugs has nothing to do with having untrusted users in
> the age of client side exploits. due to your completely
> mischaracterized description, individual home users may very well feel
> that they do not need to upgrade, to the delight of the next malware
> owning their browser. you can congratulate yourself Greg, you
> successfully misled a whole class of users.
No, I do not believe this is true, for this bug, sorry. If you
disagree, please feel free to post such an exploit. Such a problem
would be a browser issue, and totally out of scope for a kernel issue.
> > then they need to rely on a company
> > to provide updates for them, and not be running their own kernels
> > because they really have no clue about system management.
>
> you conveniently failed to respond to the rest of my mail where i showed
> that Chris Wright, heck, even yourself did announce security fixes as such
> in the past. how do you explain that?
I am human and as such, word things differently at times. Based on crap
like this thread, and from discussions with Linus and others, trying to
classify such things as "security fixes" all the time isn't useful or
helpful.
Again, I still feel my original wording was sufficent. If you disagree,
feel free to start releasing your own kernels with whatever wording you
like. If people find them useful, perhaps they will use them instead of
the ones I do at times.
good luck,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/