On Sat, May 24, 2003 at 08:42:39PM +0200, Christoph Hellwig wrote:

> On Sat, May 24, 2003 at 02:34:17PM -0400, Matt Zimmerman wrote:
> > What benefit is there in not announcing these problems?  Security
> > through obscurity?  How can we inform our users of their exposure when
> > we are not informed ourselves about security problems?
> 
> Noise.  You can's accnounce every possibly security-related fix found by
> an audit - note that it's not clear whether it actually _is_
> security-relevant at this point and certainly no one wrote an exploit for
> it.

You certainly can; other projects do.  The presence of an exploit is
irrelevant; we fix vulnerabilities all the time for which no exploit
necessarily exists.

It's not noise at all when it's something that we and others (desperately!)
want to know about.

> > It is infortunate if this must sometimes happen, but hopefully it is an
> > exception, and in those cases we will need to rebuild modules and
> > provide for both kernel images to be installed at once.
> 
> It's not an exception.  Fixes can and will change the ABI all the time.
> You should not expect to be able to load a binary kernel module into _any_
> other one than the one it was compiled against.  Sometimes security fixes
> may even break the source API.  (remember the dcache issues in
> 2.2.<early>?).

Compatibility is often broken for many other reasons as well; this does not
mean that it is necessary for our purposes.

-- 
 - mdz


Reply via email to