| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4890C3D0.6070306@keyaccess.nl> Date: Wed, 30 Jul 2008 21:41:04 +0200 From: Rene Herman <rene.herman@...access.nl> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: Adrian Bunk <bunk@...nel.org>, Stefan Richter <stefanr@...6.in-berlin.de>, Jon Smirl <jonsmirl@...il.com>, Paul Mundt <lethal@...ux-sh.org>, James Morris <jmorris@...ei.org>, Randy Dunlap <randy.dunlap@...cle.com>, Dave Jones <davej@...hat.com>, Theodore Tso <tytso@....edu>, Simon Arlott <simon@...e.lp0.eu>, lkml <linux-kernel@...r.kernel.org> Subject: Re: 463 kernel developers missing! On 30-07-08 18:56, Linus Torvalds wrote: > The fact is, people who are involved in Linux know it's public. > People make public bug-reports, and they _expect_ to get attributed. The problem here is just the _scale_ of publicness. Yes, Adrian's worry can be shrugged of I'd say but this thread is about Jon Smirl collecting addresses into a hugely public (because in tree) and hugely accessible format and while your statement above might be true for 95% of cases (99, I don't care) the use of people's personalia is just something you cannot decide on yourself ever. It's theirs. I'm in this thread because the from address on this message is in Jon's file and while I've used it myself in the past, any time it's been part of some Fooed-by tag recently it's because someone else put it there. While it's the best address I have for these uses (and so I still use it) it shouldn't work anymore even today, so I've been careful to put a future proof relay address in when I advertise a contact myself. As said before, I'm also not going to whine about it when others do put it in because they shouldn't need to concern themselves with my odd needs and wants and it's not a real problem anyway as long as the future proof one is much _more_ public. I am, therefore, just not glad that it's now being put into a file in the root of your highly publicized tree of files. Just a silly example, I know, but it doesn't really matter -- even if someone tells me he fears cosmic channeling will get the better of him if his personalia are in some resource I maintain, I jump to attention, salute, shout "SIR YES SIR!" and remove it. It's his. So now for example I'm debugging a problem with an ALSA driver with a few users at least one of which has used different email addresses during it and if I'm going to attribute any of their testing and effort, I'm going to have to ask for permission and which address was meant to be the public one. And sure, sure, I'd probably do that even today anyway but right now it's mostly a principled thing while with the addresses in the tree I'd sort of insist that anyone would, what with them being top google hits for ever more. So, if you were doing more than responding to Adrian's DCO worry here (which I do not share) the above is what I have against harvesting the addresses into a _way_ too public place/format. It's a matter of scale; as opposed to the SCM metadata, your tree itself is way too public to put anything in without very definite and explicit approval. I feel. Rene. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists