| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <9b9c034b-19b1-4f02-b7fc-3152526c82c4@app.fastmail.com> Date: Sat, 26 Oct 2024 14:16:47 +0100 From: "Jiaxun Yang" <jiaxun.yang@...goat.com> To: "Krzysztof Kozlowski" <krzk@...nel.org>, linux-kernel@...r.kernel.org, conduct@...nel.org, security@...nel.org, cve@...nel.org, linux-doc@...r.kernel.org, "stable@...r.kernel.org" <stable@...r.kernel.org> Cc: "Linus Torvalds" <torvalds@...ux-foundation.org>, "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>, shuah@...nel.org, lee@...nel.org, sashal@...nel.org, "Jonathan Corbet" <corbet@....net> Subject: Re: Concerns over transparency of informal kernel groups 在2024年10月26日十月 下午12:05,Krzysztof Kozlowski写道: > > Oh, spread more FUD under the cloak of helping the community. Reminds me > something, wait, how was it? zx? I drafted this email with good will. While I appreciate any constructive comments, this kind of unfair accusation is unacceptable. I'm not demanding anyone to take action, I'm just trying to be helpful. > >> about those informal groups. With the exception of the Linux kernel hardware security >> team, it seems none of these groups maintain a public list of members that I can >> easily find. >> >> Upon digging into the details, I’d like to raise a few concerns and offer some thoughts >> for further discussion: >> >> - Absence of a Membership Register >> Our community is built on mutual trust. Without knowing who comprises these groups, >> it's understandably difficult for people to have full confidence in their work. > > No, you might have difficulty, not "all people" which you imply. Please > stop creating sentences like you are speaking for others. You do not > speak for others. I never said "all" here, and just to quote: "I am expressing the views of a number of people I talked to but it's not fair of me to name them." The same applies to this email as well. I actually did a private RFC before sending it. Many people are unable to speak up here due to company affiliation and other concerns. > >> A publicly available membership list would not only foster trust but also allow us to >> address our recognition and appreciation. > > Nope. For some of the groups it is very intentional to hide the > membership. It was explained already why and should be pretty obvious. I might be dumb in this case, do you mind giving me a pointer to the explanation? I can draft patch to make it clear in documents. > [...] > >> >> - No Conflict of Interest Policy >> Particularly in the case of the Code of Conduct Committee, there may arise situations >> where individuals face challenging decisions involving personal connections. A conflict >> of interest policy would provide valuable guidance in such circumstances. > > Feel free to propose patches instead of claiming there is problem for > others. If you identify issue, propose a patch. Thanks, I will. I'm just aiming to gather some feedback before proposing patches. I also welcome patches from those more qualified than myself. > > Several other your replies earlier were in similar tone. I am not going > to engage in such discussions and probably neither other people, but > some think that silence is approval or agreement. Thus this reply. for > me this is just FUD. Again, I must decline to accept this sort of unfair accusation. It's indeed not the tone I'm usually speaking on the mailing list. It ought to be more straightforward for technical communications. However, in these particularly challenging times, I'm striving to maintain a humble and respectful tone whilst ensuring my views are clearly spoken. I'd be grateful for comments expressing any dissatisfaction with my approach, but I feel that personal attack ultimately do nothing constructive. Thanks. > > Best regards, > Krzysztof -- - Jiaxun
Powered by blists - more mailing lists