| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jun 2007 11:54:25 +0200 From: Alan McKinnon <alan@...uxholdings.co.za> To: linux-kernel@...r.kernel.org Subject: Re: Please release a stable kernel Linux 3.0 On Wednesday 27 June 2007, Zoltán HUBERT wrote: > If I have to rely on the distribution to help me it spoils > the whole benefit of open source. I don't trust Novell or > RedHat or Google more than Microsoft or Apple. You "kernel > developpers" are the keepers of the flame. You seem to misunderstand kernel development. You also seem to expect a lot from something that is gifted to you gratis. These nice people at kernel.org have never claimed that they will support older kernel versions. What they have said is that the -stable team currently publish 2.6.20 and 2.6.21 while Adrian Bunk is doing his thing with 2.6.16. As for back-porting new stuff into old kernels, that's the distro's job. If you don't trust the distro, then get one you do trust. If you trust none of them, then can I suggest you use the one resource you *can* trust - yourself? *That* is the "whole benefit of open source" - you get to do it yourself if you choose to/need to [snip] > I don't remember how it was during 2.4 and before, but I > find it very suspicious that SuSE and RedHat only provide > 2.6.10 and 2.6.9 for their OS. It looks as if THEY didn't > trust 2.6.x to be a replacement to 2.6.y No, it means they chose 2.6.whatever for a specific version of their OS and they maintain that kernel series to fit that OS. They also do not take any arb new glibc version and stick that into the OS either, because that breaks stuff. But I don't see you complaining about that. > And as I understand it, this is (was ?) the whole point of > stable/development kernels. "We" can trust a newer stable > kernel to be a drop-in replacement for an older stable > kernel (from the same series), while development kernels > need time to stabilise with the new whizz-bang-pfouit stuff > that you all so nicely add. That might have been the case in the 2.4 era, but it's not the case now. It changed early on in the 2.6 series and it was changed for very sound engineering reasons. Put simply - a stable/dev scenario just didn't work and there was way tooo much work for way too little gain. Distros themselves are the best resource to supply stable kernels, because they have been doing that anyway for a long time now. alan -- Optimists say the glass is half full, Pessimists say the glass is half empty, Developers say wtf is the glass twice as big as it needs to be? Alan McKinnon alan at linuxholdings dot co dot za +27 82, double three seven, one nine three five - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists