| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 05 May 2009 20:39:05 +0930 From: David Newall <davidn@...idnewall.com> To: Theodore Tso <tytso@....edu>, "Eric W. Biederman" <ebiederm@...ssion.com>, Chris Friesen <cfriesen@...tel.com>, Dave Kleikamp <shaggy@...ux.vnet.ibm.com>, Matthew Wilcox <matthew@....cx>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>, tridge@...ba.org, Al Viro <viro@...IV.linux.org.uk>, Pavel Machek <pavel@....cz>, Christoph Hellwig <hch@...radead.org>, Steve French <smfrench@...il.com>, Ogawa Hirofumi <hirofumi@...l.parknet.co.jp>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Michael Tokarev <mjt@....msk.ru>, LKML <linux-kernel@...r.kernel.org>, Olivier Galibert <galibert@...ox.com> Subject: Re: [PATCH] Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option Theodore Tso wrote: > On Mon, May 04, 2009 at 09:30:20AM -0700, Eric W. Biederman wrote: > >> When all of the pieces are public how can having secret veiled reasons >> make sense? >> > > Legal reasoning and strategy often needs to be kept confidential. But those needs must defer to the open and public nature of the kernel. When you propose a change without saying why you giving the clear and strong impression that something secret is going down and we should just trust you. That puts everyone in an awkward position because there's now a risk that can't be properly evaluated. Whether your patch goes in; whether it doesn't; it now seems there's something fishy about long filenames, and to be safe, perhaps it would be better to just turn off anything to do with FAT filesystems. Who would care, right? Unless i turns out that Linux no longer has the essential features. Unless disrupting Linux was the point, and of course it isn't, it seems that full disclosure is required. And that's before any patch should even be looked at. > Note: We don't always ask people for the reason behind why they want, > say, cgroups to control I/O throttling for example. They may have a > secret business case for how they will be able to leverage that > technology with some application stack to make tons and tons of money > --- and we don't require that deep motives be revealed in those cases. > One might not give the deep reason, but if no sufficient reason is given then there's no sufficient reason and the answer is no. We don't want features just for the sake of another knob to twiddle. It has to be a *useful* knob. > Or possibly it's because it is believed that [a patent] could be > invalidated, > which is why OIN is requesting prior art even though the last time to > invalidate the patent through prior art was denied by the patent > office. Whether or not it's disclosed, you have to believe that any change related to a patent issue will be noticed by people interested in that issue. You can make a disclosure without making an admission or claim. And then everybody understands what's going on. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists