lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 29 Apr 2007 00:33:14 +0200
From:	Adrian Bunk <bunk@...sta.de>
To:	Neil Brown <neilb@...e.de>
Cc:	"Martin J. Bligh" <mbligh@...igh.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Diego Calleja <diegocg@...il.com>,
	Chuck Ebbert <cebbert@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...l.org>
Subject: Re: Linux 2.6.21

On Sun, Apr 29, 2007 at 08:11:30AM +1000, Neil Brown wrote:
> On Saturday April 28, mbligh@...igh.org wrote:
>...
> > As Andrew has pointed out before though - even though he forwards
> > the bugs, nobody does anything with it. The sad truth seems to be
> > that people have very little interest in fixing bugs when they are
> > reported - it's not sexy, I guess.
> 
> Not sexy, and also not at all easy.   A lot of the interesting bugs
> seem to be subtle interactions between separate parts of the kernel -
> one part making an assumption or exhibiting a behaviour that the other
> part didn't expect.  And we all know that writing bug^Wcode is easier
> than removing bugs.  I can spend hour and hours reading through code
> trying to get the big picture, and end up finding a one-line change
> that then needs documenting, testing and external review.  It's not
> easy.
> 
> > I'm still unconvinced the users or the tool are the problem, but if it
> > makes you happier, we can do that.
> 
> No, they aren't the problem.  Bugs are the problem.  But they might be
> a more effective part of the solution.
> 
> My perception of the kernel bugzilla is that visibility is very low.
> 
> I think there is value in weekly reminders, and I wouldn't mind seeing
> a weekly Email on linux-kernel with something like a list of open bugs
> that have not seen any activity in between 1 and 2 weeks.  It might
> get someone out-of-area interested, and might be noticed by someone
> who thinks they are in-area and get them wondering why they didn't
> find out when the bug was first reported.

The 100 kB email limit has to be lifted for this... 

More seriously, there are > 1000 open bugs in the kernel Bugzilla 
without any activity during the last 2 weeks.

The problem is usually either "Not sexy, and also not at all easy." or
"no maintainer".

Technology can assist, but there are non-technical problems you can't 
solve through technology.

> NeilBrown

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ