| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200706180222.55282.bzolnier@gmail.com> Date: Mon, 18 Jun 2007 02:22:55 +0200 From: Bartlomiej Zolnierkiewicz <bzolnier@...il.com> To: Stefan Richter <stefanr@...6.in-berlin.de> Cc: Andrew Morton <akpm@...ux-foundation.org>, Adrian Bunk <bunk@...sta.de>, Michal Piotrowski <michal.k.k.piotrowski@...il.com>, Oleg Verych <olecom@...wer.upol.cz>, Linus Torvalds <torvalds@...ux-foundation.org>, Andi Kleen <andi@...stfloor.org>, "Rafael J. Wysocki" <rjw@...k.pl>, Diego Calleja <diegocg@...il.com>, Chuck Ebbert <cebbert@...hat.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: How to improve the quality of the kernel? On Monday 18 June 2007, Stefan Richter wrote: > Bartlomiej Zolnierkiewicz wrote: > > despite the fact that audit takes > > more time/knowledge then making the patch you will end up with zero credit > > if patch turns out to be (luckily) correct. Even if you find out issues > > and report them you are still on mercy of author for being credited > > If we introduce a "Reviewed-by" with reasonably clear semantics > (different from Signed-off-by; e.g. the reviewer is not a middle-man in > patch forwarding; the reviewer might have had remaining reservations... > very similar to but not entirely the same as "Acked-by" as currently > defined in -mm) --- and also make the already somewhat established > "Tested-by" more official, --- then the maintainers could start to make > it a habit to add Reviewed-by and Tested-by. > > Plus, reviewers and testers could formally reply with Reviewed-by and > Tested-by lines to patch postings and even could explicitly ask the > maintainer to add these lines. Sounds great. > > so from personal POV you are much better to wait and fix issues after they > > hit mainline kernel. You have to choose between being a good citizen and > > preventing kernel regressions or being bastard and getting the credit. ;) > > > > If you happen to be maintainer of the affected code the choice is similar > > with more pros for letting the patch in especially if you can't afford the > > time to do audit (and by being maintainer you are guaranteed to be heavily > > time constrained). > > I don't think that a maintainer (who signs off on patches after all) can > easily afford to take the "bastard approach". I may be naive. Well, I'm not doing it myself but I find it tempting... ;) In case of being maintainer "bastard approach" is more about not discouraging developers by holding patches for too long than about getting credit. Bart - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists