Re: Patch 4/6 randomize the stack pointer

[Arjan van de Ven]

On Thu, 2005-01-27 at 13:04 -0500, John Richard Moser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> What the hell?
> 
> So instead of bringing something in that works, you bring something in
> that does significantly less, and gives no savings on overhead or patch
> complexity why?  So you can later come out and say "We're so great now
> we've increased the randomization by tweaking one variable aren't we
> cool!!!"?

no it is called getting features in via a long incremental and
debuggable patch series.
Apparently you still don't understand that despite the long flamewar in
that other thread. I can't think of any more I can do to explain to you
why doing things in incremental steps is good on top of that.

> 
> Red Hat is all smoke and mirrors anyway when it comes to security, just
> like Microsoft.  This just reaffirms that.

I think you've been talking too much to another so called security
expert that has been spouting similar words on full-disclosure recently.

And I have to wonder.. where does Red Hat come in here?


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/