lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 27 Jun 2007 11:18:36 +0200
From:	Zoltán HUBERT <zoltan.hubert@...ero.com>
To:	linux-kernel@...r.kernel.org
Subject: Re: Please release a stable kernel Linux 3.0

Thanks Roland,

On Tuesday 26 June 2007 21:03, Roland Kuhn wrote:
> On 26 Jun 2007, at 16:37, Zoltán HUBERT wrote:
> > Whatever "stable" means.
>
> What you mean by "stable" pretty much excludes any
> serious development, without which the Linux kernel would
> very soon be obsolete. If you want a stable system, then
> don't change it. 

This is a problem. Do you remember that kernel vulnerability 
in 2.4 that made the Debian servers be attacked ? And 
mplayerhq.hu too if I remember right ? So what are we 
supposed to do with a perfect and optimised system, running 
smoothly, with an older kernel where some nasty bug is 
discovered ?

In MacOS X, you click "System Update" and you're done. 

In Linux, I expect "download the newest stable kernel, 
configure, compile, install, reboot". 

If I have to rely on the distribution to help me it spoils 
the whole benefit of open source. I don't trust Novell or 
RedHat or Google more than Microsoft or Apple. You "kernel 
developpers" are the keepers of the flame.

> If you update to a kernel which is 2.5 
> years newer, you simply cannot have stability, because
> that would mean stagnation, aka "death".

PostScript is a very old language yet we all still use it 
every day. HTML is a very old "thing" and we use it 
every-day, and it's still compatible with newer and older 
stuff.

I'm a system engineer, and a "stable" system is one where 
the interfaces are stable. Individual components can 
change, and do change, but if you change fundamental 
interfaces it is not the same system. Of course I 
understand that "sometimes" fundamental things have to 
change, but here "sometimes" is the keyword. If its 
"anytime" it simply is no stable system. And yes, designing 
and maintaining interfaces is a very difficult job.

I don't remember how it was during 2.4 and before, but I 
find it very suspicious that SuSE and RedHat only provide 
2.6.10 and 2.6.9 for their OS. It looks as if THEY didn't 
trust 2.6.x to be a replacement to 2.6.y

And as I understand it, this is (was ?) the whole point of 
stable/development kernels. "We" can trust a newer stable 
kernel to be a drop-in replacement for an older stable 
kernel (from the same series), while development kernels 
need time to stabilise with the new whizz-bang-pfouit stuff 
that you all so nicely add. 

Are the good ol' days lost in nostalgia ?

bye

Zoltán




-- 
 
________________________

Zoltan
________________________

 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ