linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Indrek Kruusa <indrek.kruusa@tuleriit.ee>
To: Horst von Brand <vonbrand@inf.utfsm.cl>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Proper procedure for reporting possible security vulnerabilities?
Date: Mon, 10 Jan 2005 23:36:45 +0200	[thread overview]
Message-ID: <41E2F56D.2050900@tuleriit.ee> (raw)
In-Reply-To: <200501101959.j0AJxUvl032294@laptop11.inf.utfsm.cl>

Horst von Brand wrote:

>Indrek Kruusa <indrek.kruusa@tuleriit.ee> said:
>  
>
>>Steve Bergman wrote:
>>
>>    
>>
>>>There seems to be some confusion in certain quarters as to the proper 
>>>procedure for reporting possible kernel security issues.   
>>>REPORTING-BUGS says send bug reports to the maintainer of that area of 
>>>the kernel.
>>>      
>>>
>>Unfortunately my english is not on a par with this but this document 
>>*needs* updating at every corner and after that the direct hyperlink to 
>>this document on the kernel.org should be placed above links of the 
>>kernel source (currently it is somewhere at the middle of the page). And 
>>the note "please read before using vanilla kernel" should be in red. It 
>>*seems* to me that there is a big cap between reality and this 
>>document/common sense (in the days of heavily patched kernels and 2.6 
>>devel. model). There should be several separate parts in this document: 
>>for kernel developers, for distro makers, for "smart" users, for 
>>"enthusiasts"....
>>    
>>
>
>Write something up, I'd be happy to help polishing English. And you'll find
>more helpers on LKML.
>  
>
sorry, but... yes, it was meant as "I am ready to help" :) but 
definitely I am not the right person to start to change this document. I 
can assist as linux user who need some information about bug reporting 
and how/why I should use sources from kernel.org at all. I have no idea 
what is desired by kernel developers (obviously they need good reports 
from informed users and less annoying traffic in LKML...maybe this 
letter is similar, sorry) but I have seen that those old school 
enthusiasts who are going to compile their custom kernel after every new 
release or -ac - they are not happy 'cause something which was part of 
their life (faster, smaller and maybe safer custom system) is now quite 
hard to achieve. Explanation would be nice for them, maybe even in 
kernel README.

thanks,
Indrek


       reply	other threads:[~2005-01-10 21:41 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <200501101959.j0AJxUvl032294@laptop11.inf.utfsm.cl>
2005-01-10 21:36 ` Indrek Kruusa [this message]
2005-01-10 16:46 Steve Bergman
2005-01-10 18:23 ` Indrek Kruusa
2005-01-10 19:24 ` Alan Cox
2005-01-11  9:32   ` Florian Weimer
2005-01-10 21:31 ` Florian Weimer
2005-01-10 21:42   ` Steve Bergman
2005-01-10 22:08     ` Diego Calleja
2005-01-11  0:19       ` Barry K. Nathan
2005-01-11  0:45         ` Diego Calleja
2005-01-11  9:35         ` Florian Weimer
2005-01-11 16:57         ` Jesper Juhl
2005-01-11 17:05           ` Jan Engelhardt
2005-01-10 22:09     ` linux-os
2005-01-11  0:44       ` Barry K. Nathan
2005-01-10 22:11     ` Jesper Juhl
2005-01-11  0:40       ` Chris Wright
2005-01-11  1:09         ` Diego Calleja
2005-01-11  1:18           ` Chris Wright
2005-01-11 17:05         ` Jesper Juhl
2005-01-11 16:39           ` Alan Cox
2005-01-11 21:25             ` Jesper Juhl
2005-01-11 21:29               ` Chris Wright
2005-01-12 21:05                 ` Jesper Juhl
2005-01-17 22:49                 ` Werner Almesberger
2005-01-17 22:52                   ` Chris Wright
2005-01-17 23:23                     ` Christoph Hellwig
2005-01-17 23:26                       ` Chris Wright
2005-01-17 23:57                         ` Alan Cox
2005-01-18  1:08                           ` Chris Wright
2005-01-11 17:57           ` Chris Wright
2005-01-12 12:23           ` Florian Weimer
2005-01-11  9:49       ` Florian Weimer
2005-01-11 16:10     ` Alan Cox
2005-01-12 12:33       ` Florian Weimer
2005-01-13 15:36         ` Alan Cox

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=41E2F56D.2050900@tuleriit.ee \
    --to=indrek.kruusa@tuleriit.ee \
    --cc=linux-kernel@vger.kernel.org \
    --cc=vonbrand@inf.utfsm.cl \
    --subject='Re: Proper procedure for reporting possible security vulnerabilities?' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).