| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Apr 2014 11:57:53 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Andy Lutomirski <luto@...capital.net>,
"Theodore Ts'o" <tytso@....edu>, Joerg Roedel <joro@...tes.org>,
Jiri Kosina <jkosina@...e.cz>,
Mateusz Guzik <mguzik@...hat.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Steven Rostedt <rostedt@...dmis.org>,
LKML <linux-kernel@...r.kernel.org>,
Thomas Gleixner <tglx@...utronix.de>,
"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
Ingo Molnar <mingo@...nel.org>, Mel Gorman <mgorman@...e.de>,
Kay Sievers <kay@...y.org>
Subject: Re: [RFC PATCH] cmdline: Hide "debug" from /proc/cmdline
On Fri, Apr 4, 2014 at 11:51 AM, Andrew Morton
<akpm@...ux-foundation.org> wrote:
>
> Is there anything here that we really need to fix? What goes wrong if
> we leave kmsg as-is and systemd gets fixed?
Since I haven't even heard a "my bad" from the systemd people, I'd be
inclined to say that a bit of protection for future issues would be a
good idea.
But I'm not going to force the issue if people think it's solvable.
That said, the fact that we rate limit even our own sources does tend
to argue that "once bitten, twice shy" is the right approach. It
didn't take a lot of spammy device drivers overwriting out message
logs to make us go "let's rate limit device output".
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists