| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Jun 2011 20:46:06 +0200 From: pageexec@...email.hu To: Linus Torvalds <torvalds@...ux-foundation.org> CC: Andi Kleen <andi@...stfloor.org>, Andy Lutomirski <luto@....edu>, Ingo Molnar <mingo@...e.hu>, x86@...nel.org, Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org, Jesper Juhl <jj@...osbits.net>, Borislav Petkov <bp@...en8.de>, Andrew Morton <akpm@...ux-foundation.org>, Arjan van de Ven <arjan@...radead.org>, Jan Beulich <JBeulich@...ell.com>, richard -rw- weinberger <richard.weinberger@...il.com>, Mikael Pettersson <mikpe@...uu.se>, Brian Gerst <brgerst@...il.com>, Louis Rilling <Louis.Rilling@...labs.com>, Valdis.Kletnieks@...edu Subject: Re: [PATCH v5 9/9] x86-64: Add CONFIG_UNSAFE_VSYSCALLS to feature-removal-schedule On 6 Jun 2011 at 22:56, Linus Torvalds wrote: > On Mon, Jun 6, 2011 at 7:39 PM, <pageexec@...email.hu> wrote: > > > > what is annoying is your covering up of security fixes on grounds that you don't want > > to help script kiddies (a bullshit argument as it were) but at the same time question > > proactive security measures (one can debate the implementation, see my other mail) that > > would *actually* prevent the same kiddies from writing textbook exploits. > > Shut up unless you have any real arguments. I know you have your > hangups, and I just don't care. i have real arguments, i told them to you but i have yet to see anything expect silly name calling from you. is that the best you can do? seriously? > Calling the old vdso "UNSAFE" as a config option is just plain stupid. > t's a politicized name, with no good reason except for your political > agenda. And when I call it out as such, you just spout the same tired > old security nonsense. i didn't choose this name, Andy did but i happen to agree with it. whether you like it or not is frankly and quite obviously irrelevant to me ;). as for political agenda, tell me more, i'd like to know what it is. exposing your lies to the public about doing full disclosure but still covering up the security fixes is not politics, it's called honesty. not yours, mine. maybe that's what bothers you. > I'm happy with perhaps moving away from the fixed-address vdso, it's not about the vdso that has been mmap'ed and randomized for quite some time now. it's about the amd64 specific vsyscall page. > but that does not excuse bad naming and non-descriptive crap like the > feature-removal thing, and all the insanity going on in the thread. If > the config option is about removing the legacy vdso, then CALL IT > THAT, instead of spouting idiotic and irrelevant nonsense. noone wants to remove the legacy vdso as one can simply configure out that option already. it's about introducing a similar option for vsyscall. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists