[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: thoughts on kernel security issues

From: Dmitry Torokhov <dmitry.torokhov@xxxxxxxxx>
Date: Tue, 25 Jan 2005 13:57:06 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=SjDkiNwmgSTIqkuIQnWuf2qUUZxGXJOmi7k/pCsr5H1bIMh4Hz4lSq0pCeoRuBLv7gW06CV3TdXTS6Y8XEDYfDDj+k7dX10E2kshD1RNNWWgv24gfSezedmMSfW0vqxDi+cPGpzgfy25nCRT39pNYj8eeLXymxTYotBSZ53ykBU=
References: <1106157152.6310.171.camel@laptopd505.fenrus.org> <200501191947.j0JJlf3j024206@turing-police.cc.vt.edu> <41F6604B.4090905@tmr.com> <Pine.LNX.4.58.0501250741210.2342@ppc970.osdl.org> <41F6816D.1020306@tmr.com> <41F68975.8010405@comcast.net> <Pine.LNX.4.58.0501251025510.2342@ppc970.osdl.org> <41F691D6.8040803@comcast.net>

On Tue, 25 Jan 2005 13:37:10 -0500, John Richard Moser
<nigelenki@xxxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> Linus Torvalds wrote:
> >
> > On Tue, 25 Jan 2005, John Richard Moser wrote:
> >
> >>It's kind of like locking your front door, or your back door.  If one is
> >>locked and the other other is still wide open, then you might as well
> >>not even have doors.  If you lock both, then you (finally) create a
> >>problem for an intruder.
> >>
> >>That is to say, patch A will apply and work without B; patch B will
> >>apply and work without patch A; but there's no real gain from using
> >>either without the other.
> >
> >
> > Sure there is. There's the gain that if you lock the front door but not
> > the back door, somebody who goes door-to-door, opportunistically knocking
> > on them and testing them, _will_ be discouraged by locking the front door.
> >
> 
> In the real world yes.  On the computer, the front and back doors are
> half-consumed by a short-path wormhole that places them right next to
> eachother, so not really.  :)
> 

Then one might argue that doing any security patches is meaningless
because, as with bugs, there will always be some other hole not
covered by both A and B so why bother?

-- 
Dmitry
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:

Re: thoughts on kernel security issuesJohn Richard Moser

References:

Re: thoughts on kernel security issuesArjan van de Ven
Re: thoughts on kernel security issuesValdis . Kletnieks
Re: thoughts on kernel security issuesBill Davidsen
Re: thoughts on kernel security issuesLinus Torvalds
Re: thoughts on kernel security issuesBill Davidsen
Re: thoughts on kernel security issuesJohn Richard Moser
Re: thoughts on kernel security issuesLinus Torvalds
Re: thoughts on kernel security issuesJohn Richard Moser

Prev by Date: [BK PATCH] SCSI updates for 2.6.11-rc2
Next by Date: Re: [PATCH 01/04] Adding cipher mode context information to crypto_tfm
Previous by thread: Re: thoughts on kernel security issues
Next by thread: Re: thoughts on kernel security issues
Indexes:[Main][Thread]