On Sun, Mar 23, 2003 at 08:56:06PM +0100, Martin Mares wrote:
> > Yes, I suspect he does as do most people here.
> >
> > If you do not use a vendor kernel then you assume the responsibility of
> > doing this stuff yourself. If you do not want to worry about these
> > things, use a vendor kernel.
>
> But if you assume this, what are the official releases for anyway?
It is the way Linux is heading - becoming less free. Lock-in to
distribution vendors. And soon you'll need to pay distributions
to (timely) get the fixes.
To give an instance, because I don't work for a distribution, I don't
have access to the security lists. Yet, I'm the guy who produces the
ARM patches which the ARM community at large use.
This situation caused HP to shut down their public ARM boxen while I
worked on integrating the security fix into the ARM tree. Unfortunately,
this could only happen _after_ the problem was publically announced,
which means some of HPs systems were vulnerable to attack for a few
days.
If you think Linux today is about something "free"...
--
Russell King (rmk@arm.linux.org.uk) The developer of ARM Linux
http://www.arm.linux.org.uk/personal/aboutme.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:45 EST