From: Mansour Moufid <mansourmoufid@gmail.com>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] kernel no longer in hardened-development overlay?
Date: Mon, 19 Apr 2010 19:43:28 -0400 [thread overview]
Message-ID: <x2g44a1f4d21004191643l6ed16d04yfb5eb600a8a87b1a@mail.gmail.com> (raw)
In-Reply-To: <4BCCE61C.1050302@wildgooses.com>
On Mon, Apr 19, 2010 at 7:24 PM, Ed W <lists@wildgooses.com> wrote:
> Can we please avoid annoying the few developers we have working on hardened.
I didn't mean to come off as critiquing anyone. I am a fan of the
Gentoo Hardened and Security projects. I was only stating my
impressions.
> I would also disagree that there are some big vulnerabilities just because
> your "stable" kernel is older. Personally I prefer to stay a little more up
> to date, but I think there are a good may Redhat and Centos servers running
> much older kernels than that...
I disagree. That is a dangerous assertion. It is no secret that most
vulnerabilities in Linux are fixed silently, without ever being
reported as such. Hence why older kernels are more vulnerable. As for
RedHat and CentOS:
``silently-fixing vulnerabilities
has become standard operating procedure among the kernel developers,
confusing even their own ranks as to what needs to be backported to
distro kernels or the stable tree.''[1]
[1] <http://milw0rm.com/exploits/9191>
--
Mansour Moufid
next prev parent reply other threads:[~2010-04-19 23:44 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-19 16:53 [gentoo-hardened] kernel no longer in hardened-development overlay? Joseph C. Lininger
2010-04-19 17:16 ` Ed W
2010-04-19 18:31 ` Michael Orlitzky
2010-04-19 19:37 ` Mike Edenfield
2010-04-19 23:02 ` Ed W
2010-04-19 19:45 ` David Sommerseth
2010-04-19 22:27 ` [gentoo-hardened] " Kerin Millar
2010-04-19 23:15 ` [gentoo-hardened] " Ed W
2010-04-20 5:14 ` Kai Dietrich
2010-04-20 11:57 ` Darknight
2010-04-20 13:34 ` Ed W
2010-04-20 13:46 ` Pavel Labushev
2010-04-19 17:46 ` [gentoo-hardened] " Kerin Millar
2010-04-19 20:12 ` Guillaume Castagnino
2010-04-19 22:56 ` Ed W
2010-04-19 23:05 ` [gentoo-hardened] " Mansour Moufid
2010-04-19 23:24 ` Ed W
2010-04-19 23:43 ` Mansour Moufid [this message]
2010-04-20 12:36 ` [gentoo-hardened] " Kerin Millar
2010-04-20 15:36 ` David Sommerseth
2010-04-19 23:35 ` [gentoo-hardened] " klondike
2010-04-20 0:00 ` Anthony G Basile
2010-04-20 5:08 ` Tóth Attila
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=x2g44a1f4d21004191643l6ed16d04yfb5eb600a8a87b1a@mail.gmail.com \
--to=mansourmoufid@gmail.com \
--cc=gentoo-hardened@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox