Date:	Sun, 7 Sep 2014 20:17:11 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Tejun Heo <tj@...nel.org>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Li Zefan <lizefan@...wei.com>, cgroups@...r.kernel.org
Subject: Re: [GIT PULL] cgroup fixes for v3.17-rc4

On Sun, Sep 7, 2014 at 6:20 PM, Tejun Heo <tj@...nel.org> wrote:
>
>                   While this is a userland visible
> behavior change, given the craziness of allowing '\n' and its
> implications, I believe the change is justified.

Tejun, absolutely nothing "justifies" things if they break. Not "bad
design", not "craziness". Even security issues should be worked around
without breaking, if at all possible.

However, "userland visible" is only relevant _if_ things break.
Presumably nobody actually uses '\n' in a cgroup name. And if nothing
breaks, you don't need the excuses.

In other words, I'll happily pull this, but your excuses for it are
wrong-headed. There is no "craziness justifies this". That's crap. But
the argument of "nobody does this, so let's fix it before anybody
_starts_ doing it" is perfectly valid - with the deep and implicit
understanding that if it turns out somebody *does* do it, the change
gets reverted asap.

People need to understand this. "Theoretical ABI breakage" is entirely
irrelevant. Nobody cares. But any _actual_ ABI breakage is a complete
no-no.

So next time you realize "ok, this could break things", don't make
excuses. Look for alternatives (maybe the name can be escaped, for
example), or take the approach of "let's hope nobody notices".

None of this "the interface is crazy, so we can change it".  Because
that is pure and utter BS. Whether the interface is crazy or not is
*entirely* irrelevant to whether it can be changed or not. The only
thing that matters is whether people actually _trigger_ the issue you
have in reality, not whether the issue is crazy.

See the difference?

                 Linus