lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 23 Apr 2024 00:04:01 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Mauro Carvalho Chehab <mchehab@...nel.org>
Cc: Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
	Thorsten Leemhuis <linux@...mhuis.info>,
	Sasha Levin <sashal@...nel.org>, helpdesk@...nel.org,
	"workflows@...r.kernel.org" <workflows@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: Please create the email alias do-not-apply-to-stable@...nel.org
 -> /dev/null

On Mon, Apr 22, 2024 at 10:46:37PM +0100, Mauro Carvalho Chehab wrote:
> Em Mon, 22 Apr 2024 15:25:18 -0400
> Konstantin Ryabitsev <konstantin@...uxfoundation.org> escreveu:
> 
> > On Mon, Apr 22, 2024 at 05:49:29PM +0200, Thorsten Leemhuis wrote:
> > > @Greg, BTW: should this be stable+noautosel@...nel.org or have a 
> > > 'vger.'  
> > 
> > No vger, just stable+whatever@...nel.org.
> > 
> > > in it, e.g. stable+noautosel@...r.kernel.org? I assume without 'vger.'
> > > is fine, just wanted to be sure, as
> > > Documentation/process/stable-kernel-rules.rst in all other cases
> > > specifies stable@...r.kernel.org, so people are likely to get confused.
> > > :-/ #sigh  
> > 
> > These serve two different purposes:
> > 
> > stable@...nel.org (goes into devnull)
> > stable@...r.kernel.org (actual mailing list)
> > 
> > Confusion happens all the time, unfortunately.
> 
> Yeah, I did already used stable@...nel.org a few times in the
> past. 
> 
> IMO, the best would be either for stable to also accept it or for
> kernel.org mail server to return an error message (only to the
> submitter) warning about the invalid address, eventually with a
> hint message pointing to the correct value.

stable@...nel.org is there to route to /dev/null on purpose so that
developers/maintainers who only want their patches to get picked up when
they hit Linus's tree, will have happen and not notify anyone else.
This is especially good when dealing with security-related things as we
have had MANY people accidentally leak patches way too early by having
 cc: stable@...r.kernel.org in their signed-off-by areas, and forgetting
to tell git send-email to suppress cc: when sending them out for
internal review.

Having that bounce would just be noisy for the developers involved.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ