| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Jun 2020 07:27:20 +1000 (AEST)
From: James Morris <jmorris@...ei.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
LSM List <linux-security-module@...r.kernel.org>
Subject: Re: [GIT PULL][Security] lockdown: Allow unprivileged users to see
lockdown status
On Tue, 2 Jun 2020, Linus Torvalds wrote:
> On Mon, Jun 1, 2020 at 7:15 PM James Morris <jmorris@...ei.org> wrote:
> >
> > Just one update for the security subsystem: allows unprivileged users to
> > see the status of the lockdown feature. From Jeremy Cline.
>
> Hmm.
>
> That branch seems to have sprouted another commit just today.
Oops, sorry, I thought it was already pulled.
>
> I ended up taking that too as trivial, but it shows how you seem to
> basically send me a pointer to a live branch. Please don't do that.
> When you make changes to that branch, I now get those changes that you
> may not have meant to send me (and that I get upset for being
> surprised by).
>
> An easy solution to that is to send me a signed tag instead of a
> pointer to a branch. Then you can continue to update the branch, while
> the tag stays stable.
>
> Plus we've been encouraging signed tags for pull requests anyway.
Ok.
--
James Morris
<jmorris@...ei.org>
Powered by blists - more mailing lists