lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4540A867.307@debian.org>
Date:	Thu, 26 Oct 2006 14:21:59 +0200
From:	"Giacomo A. Catenazzi" <cate@...ian.org>
To:	Alan Cox <alan@...rguk.ukuu.org.uk>
CC:	Andrew Morton <akpm@...l.org>, proski@....org,
	linux-kernel@...r.kernel.org
Subject: Re: incorrect taint of ndiswrapper

Alan Cox wrote:
> The stopping loading is purely because it now uses _GPLONLY symbols,
> which is fine until the user wants to load a windows driver except for
> the old CIPE driver. Some assumptions broke somewhere along the way and
> the chain of events that was never forseen unfolded.
> 
>> Now, if we do want to disallow gpl module loading after ndis-wrapper has
>> been used then fine
> 
> The problem is we do the dynamic link at module load time. We would have
> to unlink the module if it tried to taint itself, which is clearly not
> what the end user needs to suffer. Having the taint function actually
> taint and printk + return a "Linked gplonly you can't" error seems the
> better solution.
> 
> Really ndiswrapper shouldn't be using _GPLONLY symbols, that would
> actually make it useful to the binary driver afflicted again and more
> likely to be legal.

I'm confused on the discussion:
legal? I don't find how a windo$e driver can be "derived work" of Linux,
and anyway they use a "standard" interface. So it is acceptable for GPL
(IMHO and IANAL). so it is not a legal problem.

I see only a development question:
should we allow untrusted module to know and modify the
"intimate" part of kernel, and cause compability and other large
amount of problems into kernel developers, distribution and users?

So it is a political question, not a legal question!

ciao
	cate
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ