Full Disclosure mailing list archives
Re: Port Randomization: New revision of our IETF Internet-Draft
From: Valdis.Kletnieks () vt edu
Date: Mon, 01 Sep 2008 18:23:26 -0400
On Mon, 01 Sep 2008 15:51:35 CDT, rholgstad said:
> Linus doesn't care about security
No, he actually *does* care about security - he's just of the opinion that security fixes don't automatically rate a 'ZOMG! PWNED!' flag on them like certain *BSD variants think. He thinks that sticking a big SECURITY PATCH tag on a fix tends to make people cherry-pick and install just those fixes - even though the patch they *didn't* install that fixes a system crash or a silent data corruption is actually more critical.

Your chances of getting it accepted improve greatly if you have a nice writeup of *why* the patch is a good idea - summarize the current state, explain how the new version works, list what attacks it minimizes.

Oh - and I *guarantee* that somebody will make a (quite valid) issue about the drain on the /dev/random entropy pool if you're using that as your (possibly indirect) source of random bits. You may want to make sure that you have either Kconfig magic for compile time selection, and/or a /sys file or something for runtime tweaking.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/