lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Jul 2020 00:02:49 +0200 From: "Alexander A. Klimov" <grandmaster@...klimov.de> To: Masami Hiramatsu <mhiramat@...nel.org>, "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com> Cc: anil.s.keshavamurthy@...el.com, corbet@....net, davem@...emloft.net, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, Ananth N Mavinakayanahalli <ananth@...ux.ibm.com> Subject: Re: [PATCH] Replace HTTP links with HTTPS ones: kprobes Am 13.07.20 um 16:20 schrieb Masami Hiramatsu: > Hi Naveen and Alexander, > > On Fri, 10 Jul 2020 19:14:47 +0530 > "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com> wrote: > >> Masami Hiramatsu wrote: >>> On Tue, 7 Jul 2020 21:49:59 +0200 >>> "Alexander A. Klimov" <grandmaster@...klimov.de> wrote: >>> >>>> Rationale: >>>> Reduces attack surface on kernel devs opening the links for MITM >>>> as HTTPS traffic is much harder to manipulate. >>>> >>>> Deterministic algorithm: >>>> For each file: >>>> If not .svg: >>>> For each line: >>>> If doesn't contain `\bxmlns\b`: >>>> For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: >>>> If both the HTTP and HTTPS versions >>>> return 200 OK and serve the same content: >>>> Replace HTTP with HTTPS. >>> >>> OK, but it seems that some of them are disappeared :( >>> >>> http://www-106.ibm.com/developerworks/library/l-kprobes.html?ca=dgr-lnxw42Kprobe >>> >>> -> https://www.ibm.com/developerworks/library/l-kprobes/index.html >> >> That looks right. >> >>> >>> http://www.redhat.com/magazine/005mar05/features/kprobes/ >>> >>> -> I can not find that. >> >> Ditto, we should drop that. >> >>> >>>> - http://www-users.cs.umn.edu/~boutcher/kprobes/ >>>> - http://www.linuxsymposium.org/2006/linuxsymposium_procv2.pdf (pages 101-115) >>> >>> Both are not found. >> >> It looks like the first link is gone, but there seems to be a copy in >> the web archive: >> https://web.archive.org/web/20061106154519/http://www-users.cs.umn.edu/~boutcher/kprobes/ >> >> I suppose we can drop that link. >> >>> >>> (OT, it seems http://www.linuxsymposium.org/ has been left from historical >>> Linux Symposium, we must remove it asap) >> >> Indeed, I think that link pointed to the Kprobes paper: >> https://www.kernel.org/doc/ols/2006/ols2006v2-pages-109-124.pdf > > Ah, there is. > Thank you for the confirmation. > Alexander, can you update other urls instead of just replacing the http with https? Sry, but I don't steal others' work (on principle). If I didn't the work (e.g. searched the replacement URL), I don't deserve to author the respective commit. Also my HTTPSifying task is not done yet. > >> >> >> - Naveen >> > >
Powered by blists - more mailing lists