Re: thoughts on kernel security issues

From: Florian Weimer
Date: Fri Jan 14 2005 - 09:53:18 EST

Next message: Ian Molton: "Re: MMC Driver RFC"
Previous message: Jean Delvare: "Re: 2.6.10-mm2: it87 sensor driver stops CPU fan"
In reply to: Julian T. J. Midgley: "Re: thoughts on kernel security issues"
Next in thread: Julian T. J. Midgley: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Julian T. J. Midgley:

>>vendor suffer from that as well. Suppose vendors learn of a problem in
>>a product they visibly use such as apache or rsync. If all vendors
>>suddenly update their versions or disable things that will be noticed as
>>well, so vendors can't do that.
>
> I don't buy that at all. There are numerous reasons for updating
> programs or disabling things, of which fixing security holes is but
> one.

People used to monitor large name servers run by the in-crowd for
synchronous updates, to get advance notice of the existence of BIND
security holes. AFAIK, it was a reliable indicator.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ian Molton: "Re: MMC Driver RFC"
Previous message: Jean Delvare: "Re: 2.6.10-mm2: it87 sensor driver stops CPU fan"
In reply to: Julian T. J. Midgley: "Re: thoughts on kernel security issues"
Next in thread: Julian T. J. Midgley: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]