lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <481947AF.4090101@davidnewall.com>
Date:	Thu, 01 May 2008 14:01:43 +0930
From:	David Newall <davidn@...idnewall.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
CC:	David Miller <davem@...emloft.net>, linux-kernel@...r.kernel.org
Subject: Re: Slow DOWN, please!!!

Linus Torvalds wrote:
> I object to your _idiotic_ claim that there are "systemic problems", where 
> your "solution" to them is apparently to stop making releases and stop 
> making forward progress.
>   

I did not say to stop making releases or forward progress. You
completely made that up! I said there are systemic problems, namely
inadequate testing and review. Slow down; don't snatch up crap changes.
Only accept them when they are properly tested and properly reviewed.


> That's why I said you told us was nothing like that. What you told us were 
> your personal problems, no "systemic" issues.

You asked me to give a specific problem, so I did, but I also said that
the particulars of those problems weren't the point. You have ignored or
twisted everything I said. Did you ask me for a specific problem purely
to attack me with it? Perhaps you did.



Linus Torvalds also wrote:
> You complain how I don't release kernels that 
> are stable, but without any suggestions on what the issue might be

You do release kernels that are unstable, and you call them "stable",
but I'm sure I said that inadequate review and testing are causes, which
I think counts as a suggestion on what the issue might be. It's been a
repeating theme in this thread, and I'm talking about what everybody
else is saying, not what I'm saying, so again, you know that I'm not
making this up.

Stop telling the world that 2.6.25 is ready for them when you know it's
not. It's now ready for beta testing, and no more. Is 2.6.24 ready for
the world yet? There are still problems being reported with it.


> And yes, there is a solution: don't develop so much. Don't allow thousands 
> of developers to be involved. Do a small core group, and make development 
> so hard or inconvenient that you only have a few tens of people who write 
> code, and vet them and force them to jump through hoops when adding new 
> features (or fixing old ones, for that matter).
>   

You're being absurd, even hysterical. How about you require test plans
and test results? Is it possible to require serious, independent code
review?

And let me talk about code review. When one puts one's name to a
reviewed-by tag one takes joint responsibility for the result. There
needs to be some sort of balanced accounting. Presently it's all glory,
where the records show who has contributed code that made it to
mainline, but nobody counts who broke the system. There's no motive to
do a good job, in fact the opposite is true. The more crap you can sneak
in, the more glory you get.

Don't you go and twist this into some sort of, "David want's to point
fingers at people who regularly introduce bugs, which we don't want to
do" and ignore the problem. There is a problem; this entire thread is
testimony to that. You, Linus, are ultimately responsible for what goes
in so you have to acknowledge that there is a problem, you have to stop
shooting the messenger, and you have to shepherd a solution.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ