From: firstname.lastname@example.org
To: Ingo Molnar <email@example.com>
Cc: Linus Torvalds <firstname.lastname@example.org>,
	Andi Kleen <email@example.com>,
	Andy Lutomirski <firstname.lastname@example.org>,
	email@example.com,
	Thomas Gleixner <firstname.lastname@example.org>,
	email@example.com,
	Jesper Juhl <firstname.lastname@example.org>,
	Borislav Petkov <email@example.com>,
	Andrew Morton <firstname.lastname@example.org>,
	Arjan van de Ven <email@example.com>,
	Jan Beulich <JBeulich@novell.com>,
	richard -rw- weinberger <firstname.lastname@example.org>,
	Mikael Pettersson <email@example.com>,
	Brian Gerst <firstname.lastname@example.org>,
	Louis Rilling <Louis.Rilling@kerlabs.com>,
	Valdis.Kletnieks@vt.edu
Subject: Re: [PATCH v5 9/9] x86-64: Add CONFIG_UNSAFE_VSYSCALLS to feature-removal-schedule
Date: Tue, 07 Jun 2011 02:34:42 +0200
Message-ID: <4DED7222.28864.150079CE@pageexec.freemail.hu>
In-Reply-To: <20110606192544.GA28947@elte.hu>

On 6 Jun 2011 at 21:25, Ingo Molnar wrote:

> * email@example.com <firstname.lastname@example.org> wrote:
>
> > [...] it goes like 'I am not willing to do A because it would help
> > script kiddies but I'd rather do B that would help script kiddies'.
> > with A = 'disclose security bugs' and B = 'keep the last roadblock
> > that prevents full ASLR'.
>
> No, that's wrong, the logic goes like this:
>
>   if i do A then it has X1 advantages and Y1 disadvantages.
>   if i do B then it has X2 advantages and Y2 disadvantages.
>
> The Y1 and Y2 set of disadvantages can both include "making it easier
> for script kiddies" but the sets of advantages and disadvantages can
> also include MANY OTHER considerations, making the decision unique in
> each case.

sure, i was only reflecting on what Linus himself kept insisting on in the past.

> To translate it to this specific case (extremely simplified, so please
> don't nit-pick that my descriptions of advantages and disadvantages
> are not precise nor complete):

i don't even need to get there, you already failed right in the very first sentence, very impressive. no. 'not precise' is an understatement.

> A) "i put a zero day exploit and a CVE code into a changelog"
>
>    Advantages: - it describes the problem more fully
>
>    Disadvantages: - it makes it easier for people (including script kiddies) to do harm faster
>                   - creates a false, misleading category for "security bugs"
>

you try to set things up to serve your argument but it's not the things we've ever talked about (IOW, this is a strawman). in particular, i've never ever requested exploits in commit logs (and i don't remember anyone else who has, do you?). why do you keep thinking in only extremes? is it so impossible to simply state a CVE and the generic bug class (CWE) that the commit fixes?

what Linus has insisted on is 'no greppable words', that's diametrically opposite to 'full disclosure' that you guys say you're supposedly doing.

so if you omit the exploits that no one really requested (and i don't even know why they'd be useful in a commit) then suddenly the script kiddies are no longer helped.

and you have yet to explain what is false and misleading about the security bug category. you used these words yourself several times today, how do you explain that? why does the CVE exist? why does bugtraq exist? are all those people discussing 'false and misleading' things? why does your employer release security errata? etc, etc.

> B) "i obfuscate the vsyscall page"
>
>    Advantages: - it makes it statistically harder for people (including script kiddies) to do harm
>
>    Disadvantages: - it reduces the incentive to fix *real* security bugs

as i pointed out in an earlier mail, this supposed disadvantage doesn't exist so come up with something better, preferably real.

>                   - complicates the code

removing code simplifies things. next try? ;)

> Do you see how A) and B) are not equivalent at all? Different cases,
> different attributes, different probabilities and different
> considerations.

i only see a strawman that you thought would help your cause but since it's just that, a strawman, something you made up for the sake of argument, i don't think there's much more to see about it.

> > but it's very simple logic Ingo.
>
> Please drop the condescending tone, i think it should be clear to you
> by now that i have a good basis to disagree with you.

i'm a firm believer in instant karma, it seems to work on people like yourself or Linus really well. in somewhat profane but simple english: if you behave as an asshole i will treat you as one, if you believe i treated you as an asshole it's because i think you acted as one, and if you don't understand why then you're welcome to 1. look into yourself and figure it out yourself, 2. ask me. what is not going to get you anywhere is if you talk to me and others from the high horse, you must be a lot better than your current self for anyone to tolerate it.