Re: Kernel releases for security updates

From: Alan Cox
Date: Fri Jan 14 2005 - 21:00:17 EST

Next message: Alan Cox: "Re: thoughts on kernel security issues"
Previous message: Andi Kleen: "Re: [PATCH 1/1] pci: Block config access during BIST (resend)"
In reply to: Frank Steiner: "Re: Kernel releases for security updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Gwe, 2005-01-14 at 08:01, Frank Steiner wrote:
> I guess the new -as tree is more or less achieving what you want. If
> Andres gets enough support from other people, it might be possible to
> maintain even more than one or two former releases...

The problem is deciding what goes into such a tree. Do you go security
fixes only which nobody afaik is doing now, do you mix them with key
fixes and if so how far do you add fixes - thats a real PITA because you
can get odd clear fixes for minor problems (eg NFS df) that have never
been tested hard standalone. You can also get dependancies on
non-security fixes for security - -ac for example included my IDE work
to deal with the various IDE exploits/races. Though only minor security
wise there isn't a trivial fix for these with the broken locking in
Linus IDE and its going to take time for Bartlomiej to be happy with my
locking changes.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: thoughts on kernel security issues"
Previous message: Andi Kleen: "Re: [PATCH 1/1] pci: Block config access during BIST (resend)"
In reply to: Frank Steiner: "Re: Kernel releases for security updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]