From: "Theodore Ts'o" <email@example.com> To: Leon Romanovsky <firstname.lastname@example.org> Cc: Anna Schumaker <email@example.com>, "J. Bruce Fields" <firstname.lastname@example.org>, Greg KH <email@example.com>, Aditya Pakki <firstname.lastname@example.org>, Chuck Lever <email@example.com>, Trond Myklebust <firstname.lastname@example.org>, "David S. Miller" <email@example.com>, Jakub Kicinski <firstname.lastname@example.org>, Dave Wysochanski <email@example.com>, Linux NFS Mailing List <firstname.lastname@example.org>, email@example.com, Linux Kernel Mailing List <firstname.lastname@example.org> Subject: Re: [PATCH] SUNRPC: Add a check for gss_release_msg Date: Wed, 21 Apr 2021 11:48:46 -0400 [thread overview] Message-ID: <YIBJXjCbJ1ntH1RF@mit.edu> (raw) In-Reply-To: <YIAzfsMx6bn5Twu8@unreal> On Wed, Apr 21, 2021 at 05:15:26PM +0300, Leon Romanovsky wrote: > > This thread is the first I'm hearing about this. I wonder if there is > > a good way of alerting the entire kernel community (including those > > only subscribed to subsystem mailing lists) about what's going on? It > > seems like useful information to have to push back against these > > patches. > > IMHO, kernel users ML is good enough for that. The problem is that LKML is too high traffic for a lot of people to want to follow. There are some people who have used the kernel summit discuss list (previously email@example.com, now firstname.lastname@example.org) as a place where most maintainers tend to be subscribed, although that's not really a guarantee, either. (Speaking of which, how to handle groups who submit patches in bad faith a good Maintainer Summit topic for someone to propose...) To give the devil his due, Prof. Kangjie Lu has reported legitimate security issues in the past (CVE-2016-4482, an information leak from the kernel stack in the core USB layer, and CVE-2016-4485, an information leak in the 802.2 networking code), and if one looks at his CV, he has a quite a few papers in the security area to his name. The problem is that Prof. Lu and his team seem to be unrepentant, and has some very... skewed... ideas over what is considered ethical, and acceptable behavior vis-a-vis the Kernel development community. The fact that the UMN IRB team believes that what Prof. Lu is doing isn't considered in scope for human experimentation means that there isn't any kind of institutional controls at UMN for this sort of behavior --- which is why a University-wide Ban may be the only right answer, unfortunately. - Ted
next prev parent reply other threads:[~2021-04-21 15:49 UTC|newest] Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-04-07 0:16 Aditya Pakki 2021-04-07 15:34 ` J. Bruce Fields 2021-04-08 15:01 ` Trond Myklebust 2021-04-08 15:24 ` Olga Kornievskaia 2021-04-08 16:02 ` Trond Myklebust 2021-04-20 7:15 ` Greg KH 2021-04-20 17:10 ` J. Bruce Fields 2021-04-21 5:10 ` Leon Romanovsky 2021-04-21 5:43 ` Greg KH 2021-04-21 6:08 ` Leon Romanovsky [not found] ` <CA+EnHHSw4X+ubOUNYP2zXNpu70G74NN1Sct2Zin6pRgq--TqhA@mail.gmail.com> 2021-04-21 8:15 ` Greg KH 2021-04-21 10:07 ` Sudip Mukherjee 2021-04-21 10:21 ` Greg KH 2021-04-21 11:58 ` Shelat, Abhi 2021-04-21 12:08 ` Greg KH 2021-04-21 12:19 ` Leon Romanovsky 2021-04-21 13:11 ` Trond Myklebust 2021-04-21 13:20 ` Leon Romanovsky 2021-04-21 13:42 ` Steven Rostedt 2021-04-21 13:21 ` gregkh 2021-04-21 13:34 ` Leon Romanovsky 2021-04-21 13:50 ` gregkh 2021-04-21 14:12 ` Leon Romanovsky 2021-04-21 18:50 ` Alexander Grund 2021-04-21 13:37 ` J. Bruce Fields 2021-04-21 13:49 ` Leon Romanovsky 2021-04-21 13:56 ` J. Bruce Fields 2021-04-22 19:39 ` J. Bruce Fields 2021-04-23 17:25 ` Leon Romanovsky 2021-04-23 18:07 ` J. Bruce Fields 2021-04-23 19:29 ` Leon Romanovsky 2021-04-23 21:48 ` J. Bruce Fields 2021-04-24 7:21 ` Leon Romanovsky 2021-04-24 18:34 ` Al Viro 2021-04-24 21:34 ` J. Bruce Fields 2021-04-25 0:41 ` Theodore Ts'o 2021-04-25 6:29 ` Greg KH [not found] ` <20210426133605.GD21222@fieldses.org> 2021-04-26 13:47 ` J. Bruce Fields 2021-04-22 8:10 ` Sudip Mukherjee 2021-04-22 8:27 ` Greg KH 2021-04-21 12:51 ` Anna Schumaker 2021-04-21 14:15 ` Leon Romanovsky 2021-04-21 15:48 ` Theodore Ts'o [this message] 2021-04-21 17:34 ` Mike Rapoport 2021-04-22 3:57 ` Leon Romanovsky 2021-04-21 22:52 ` Guenter Roeck [not found] <CAHr+ZK-ayy2vku9ovuSB4egtOxrPEKxCdVQN3nFqMK07+K5_8g@mail.gmail.com> 2021-04-21 19:49 ` Theodore Ts'o 2021-04-22 7:50 ` Eric Biggers 2021-04-21 20:27 Weikeng Chen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=YIBJXjCbJ1ntH1RF@mit.edu \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --subject='Re: [PATCH] SUNRPC: Add a check for gss_release_msg' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).