| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4675C083.6080409@s5r6.in-berlin.de> Date: Mon, 18 Jun 2007 01:15:15 +0200 From: Stefan Richter <stefanr@...6.in-berlin.de> To: Bartlomiej Zolnierkiewicz <bzolnier@...il.com> CC: Andrew Morton <akpm@...ux-foundation.org>, Adrian Bunk <bunk@...sta.de>, Michal Piotrowski <michal.k.k.piotrowski@...il.com>, Oleg Verych <olecom@...wer.upol.cz>, Linus Torvalds <torvalds@...ux-foundation.org>, Andi Kleen <andi@...stfloor.org>, "Rafael J. Wysocki" <rjw@...k.pl>, Diego Calleja <diegocg@...il.com>, Chuck Ebbert <cebbert@...hat.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: How to improve the quality of the kernel? Bartlomiej Zolnierkiewicz wrote: > despite the fact that audit takes > more time/knowledge then making the patch you will end up with zero credit > if patch turns out to be (luckily) correct. Even if you find out issues > and report them you are still on mercy of author for being credited If we introduce a "Reviewed-by" with reasonably clear semantics (different from Signed-off-by; e.g. the reviewer is not a middle-man in patch forwarding; the reviewer might have had remaining reservations... very similar to but not entirely the same as "Acked-by" as currently defined in -mm) --- and also make the already somewhat established "Tested-by" more official, --- then the maintainers could start to make it a habit to add Reviewed-by and Tested-by. Plus, reviewers and testers could formally reply with Reviewed-by and Tested-by lines to patch postings and even could explicitly ask the maintainer to add these lines. > so from personal POV you are much better to wait and fix issues after they > hit mainline kernel. You have to choose between being a good citizen and > preventing kernel regressions or being bastard and getting the credit. ;) > > If you happen to be maintainer of the affected code the choice is similar > with more pros for letting the patch in especially if you can't afford the > time to do audit (and by being maintainer you are guaranteed to be heavily > time constrained). I don't think that a maintainer (who signs off on patches after all) can easily afford to take the "bastard approach". I may be naive. -- Stefan Richter -=====-=-=== -==- =--=- http://arcgraph.de/sr/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists