[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: suspend/hibernate on desktops



> On Mon, Jan 16, 2006 at 12:48:33PM -0600, Josh Boyer wrote:
>
>  > I agree that kernels in extras is not a good idea.  However, you have
> the
>  > same security issues with kernel _modules_ in extras.  Think OpenAFS
>  > security issue, etc.
>
> With modules its less of a concern, as that usually means on the day
> it gets fixed upstream, a maintainer can respin a package with the
> fix-de-jour.  For a kernel however, it's a lot more painful, as it
> a) takes longer to build
> b) takes longer to test (sometimes security fixes have knock-on
>  consequences which can have dire consequences, such as being
>  unable to boot in certain configurations)
> c) requires every kernel module package to need to be rebuilt too.

Sure, I was just saying that it's still a concern.


<snip perfectly valid point>


>  > Davej, I sympathize with you but you might want to start making "What
>  > kernel module packages from Extras do you have installed?" a standard
>  > question in your bug reports.
>
> In the cases of oopses, I already get that info. It's the non-oops
> bug-reports that are a problem, and asking users at times isn't
> a sure-fire way to find out.  I've seen reports where users have
> claimed never to have loaded a binary module, and have editted
> out the 'tainted' part of a kernel oops, despite leaving other
> telltale signs that they had in fact loaded vmware, nvidia etc..

Ew... People are manually mucking with that?  Sounds like bugzilla needs a
YOUREAWANKER resolution for folks that do that.

Anyway, sounds like you have it under control as usual.  Here's to hoping
your bug reports don't increase too much with Extras modules :).

josh


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]