[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1289151634.2478.191.camel@edumazet-laptop>
Date: Sun, 07 Nov 2010 18:40:34 +0100
From: Eric Dumazet <eric.dumazet@...il.com>
To: Dan Rosenberg <drosenberg@...curity.com>
Cc: chas@....nrl.navy.mil, davem@...emloft.net, kuznet@....inr.ac.ru,
pekkas@...core.fi, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
kaber@...sh.net, remi.denis-courmont@...ia.com,
netdev@...r.kernel.org, security@...nel.org, stable@...nel.org
Subject: Re: [PATCH 0/9] Fix leaking of kernel heap addresses in net/
Le dimanche 07 novembre 2010 à 12:25 -0500, Dan Rosenberg a écrit :
> > NACK
> >
> > Thats a pretty stupid patch series, sorry.
> >
>
> I think it might be more constructive to avoid childish name-calling and
> instead try to guide the conversation in a way that produces a patch
> that would better fit your needs. Even if you don't agree with the
> approach, it's certainly not "stupid".
>
It is stupid. Really Dan. The idea is stupid, not you.
> > You are basically ruining a lot of debugging facilities we use every day
> > to find and fix _real_ bugs. The bugs that happen to crash machines of
> > our customers.
>
> I'm going to give you the benefit of the doubt and assume you're not
> implying that security issues aren't "real" bugs, because that would be
> utterly ridiculous.
>
So what ? Because of security, we must accept even stupid patches ?
> >
> > If you want to avoid a user reading kernel syslog, why dont you fix the
> > problem for non root users able to "dmesg" ? I personally dont care.
> >
>
> This is simply the reality of the current situation. At least while the
> kernel syslog is available to unprivileged users, we need to be more
> careful of what is visible through there.
>
So instead of fixing the problem, you are going to change thousand of
kernel printk() ?
> > I am a root user on my machine, I _want_ to have some pretty basic
> > informations so that I can work on it, and I believe my work is useful.
> >
> > There are pretty easy ways to not disclose "information", but your way
> > of using '0' for all values is the dumbest idea one could ever had.
>
> I'm glad I'm capable of producing "the dumbest idea one could ever had".
> You seem to be quite set on convincing unpaid volunteers such as myself
> to stop sending in patches.
>
I am unpaid volunteer too.
I also had stupid ideas, and other guys said so.
So what ? Should I continue contributing to Linux, or assume I am stupid
and stop ?
> >
> > A single XOR with a "root only visible, random value chosen at boot"
> > would be OK. At least we could continue our work, with litle burden.
>
> Finally, a useful contribution. I'll consider this option after hearing
> from a few more people on the subject.
I am glad you like it. But it also may a _very_ stupid idea. You really
want to have a _lot_ of agreement before even considering it.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists