On Tue, 02 Jul 2002 15:47:53 PDT, Greg KH <gregat_private> said:

> No, he does just that. When I change a USB API, I change all 30+
> drivers that use it. As you state, it's good etiquette, and is one of
> the benefits of having your code in the kernel tree.

The problem is that it's fairly easy to track down the 34 drivers that use an API. It's a lot harder to discover that your change in the API necessitates a code change in a 35th module that doesn't even CALL your code or anything related to it.

It's even harder when you consider that in all likelihood, failing to change that 35th module will *not* OOPS the kernel, and won't even result in noticeably incorrect behavior. Until it gets posted to Bugtraq. ;)

The problem is that although the average Linux kernel hacker is *very* talented, doing security requires a different mindset, and sometimes the issues are *very* subtle - there was a fairly long thread back in February regarding "permission hook in filemap_nopage", and it wasn't till late April that any of *US* noticed that maybe a hook in pivot_root might be useful. ;)

And yes, I'd be OK if our methodology was "watch the patches and hope nothing slips past un-noticed" - as long as we're clear on that. :)

--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
This archive was generated by hypermail 2b30 : Tue Jul 02 2002 - 19:40:27 PDT