mailing list archives
Re: Port Randomization: New revision of our IETF Internet-Draft
From: Pavel Labushev <p.labushev () gmail com>
Date: Wed, 03 Sep 2008 02:18:13 +0800
Valdis.Kletnieks () vt edu ?????:
On Tue, 02 Sep 2008 17:17:43 +0800, Pavel Labushev said:
"SECURITY PATCH tag on a fix" helps me to know that there is the problem
and I must consider the patch, check its correctness and maybe
test/backport/apply it to my production systems ASAP. Just as another
tags helps me to know that there are realiability and other issues I
must care about.
OK, now s/security patch/silent data corruption/ and tell me what's *actually*
The consequences are actually and obviously different. Now, please, try
to figure out that by yourself. Forget about Linus' point. Pretend
you're system administrator and try to think like one.
Wow, you still need to consider it, check it, test it, and deploy it.
Unless of course you don't give a shit about your data. But in that case,
the security patch can probably be overlooked too.
Hint: the data can be backed up.
That's Linus's point - if the patch is important enough to go into one of
the -stable tree kernels, it's probably something you want to install, whether
or not it's a security patch.
Whether or not so-called -stable kernels are always stable - is another
question. And not a last one - there are more.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Message not available