Re: thoughts on kernel security issues

From: Greg KH
Date: Wed Jan 12 2005 - 21:05:16 EST

Next message: Radheka Godse: "[Bonding-devel] [PATCH] Support to configure multiple bonds withdifferent module params"
Previous message: Greg KH: "Re: debugfs directory structure"
In reply to: Dave Jones: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 12, 2005 at 03:53:50PM -0500, Dave Jones wrote:
>
> If you turned the current model upsidedown and vendor-sec learned
> about issues from security@xxxxxxxxxx a few days before it'd at
> least give us *some* time, as opposed to just springing stuff
> on us without warning.

I think having security@ notify vendor-sec when it finds a real problem
would be a good idea, as a lot of stuff is just sifting through finding
the root cause and fix. And if security@ still has it's "5 day
countdown" type thing, that still gives you (and me) at least a few days
to run around like mad to update things, which is better than nothing :)

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Radheka Godse: "[Bonding-devel] [PATCH] Support to configure multiple bonds withdifferent module params"
Previous message: Greg KH: "Re: debugfs directory structure"
In reply to: Dave Jones: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]