| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Nov 2007 01:21:42 +0100 From: "Rafael J. Wysocki" <rjw@...k.pl> To: Adrian Bunk <bunk@...nel.org> Cc: LKML <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Bartlomiej Zolnierkiewicz <bzolnier@...il.com> Subject: Re: [RFC][PATCH] Update REPORTING-BUGS On Tuesday, 27 of November 2007, Adrian Bunk wrote: > On Mon, Nov 26, 2007 at 11:44:24PM +0100, Rafael J. Wysocki wrote: > > On Monday, 26 of November 2007, Adrian Bunk wrote: > > > On Mon, Nov 26, 2007 at 01:51:37AM +0100, Rafael J. Wysocki wrote: > > > > On Monday, 26 of November 2007, Adrian Bunk wrote: > >... > > > > > We will never get 100% of all bugs fixed. > > > > > > > > > > Let's get back to the fact that we have many bug reports that could be > > > > > fixed within a reasonable amount of time but are not. > > > > > > > > Do you have specific examples? > > > > > > Take e.g. #3938 > > > > Are you sure that this one hasn't been fixed? The reporter doesn't seem to be > > responsive ... > > > > > or #4039 > > > > Same here. > > Saying "reporter doesn't seem to be responsive" is a joke if there was > zero activity in solving any of these bugs for nearly three years. > > They might (or might not) be fixed by chance now, but they should have > been fixed in the beginning of 2005 as a result of the bug reports. > > You can now claim these are too old, but you'll find for any bug age > bugs that both should be solvable for a developer knowing the kernel > code in question and that have not been seriously debugged. Arguably, we can't be sure that the bug wasn't worked on just because there's no confirmation of that in the Bugzilla. It _probably_ wasn't, but in fact that's uncertain. OTOH, in both cases above you can't even assume that the appropriate developer was _aware_ of the bug report. Which, BTW, is a problem even with the Bugzilla as it is configured today: it doesn't give you any guarantee that the bug report is heard of by the right people (unless, of course, it's forwarded to them by Andrew, that is, but this "mechanism" is not exactly a part of the Bugzilla itself ;-)). For this reason, I'd like the maintainers/developers of every subsystem to provide us with an address of a mailing list considered as appropriate for sending bug reports related to this particular subsystem. Then, we can make the Bugzilla forward bug reports to these lists, so that Andrew or anyone else need not handle that manually. Now, if we have such lists set up for all subsystems, we'll be able to just tell users to send bug reports there, either using the Bugzilla, or directly, with the assumption that the right people get those reports. Then, the "we didn't know about the report" kind of excuse won't be viable any more and we'll be able to exert more directed pressure at the subsystems that aren't good enough at handling bugs. Greetings, Rafael - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists