[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Does something prevent distributing the patches?

Does something prevent distributing the patches?

Posted May 5, 2017 18:28 UTC (Fri) by tlamp (subscriber, #108540)
In reply to: Does something prevent distributing the patches? by ballombe
Parent article: Grsecurity goes private

> Someone with a subscription will tell you...

Then you also trust them, else the could be the one who leaked the compromised patchset.

Also even if you trust them you could make it hard to verify the validness of the leaked patch set, *if* they would release a code with a signature (I still doubt they would do that, this is merely a thought experiment). Comparing semantics is not always trivial, especially if you have thousands of thousands diffs on kernel code. Even if you are experienced kernel hacker you will still need quite some time if you really want to ensure nothing slips.

I never ever would apply a leaked security patch set to anything worth a dime for me.

If you have a trusted contact with a subscription the easiest way would be to just use their copy and stay silent.

to post comments

Does something prevent distributing the patches?

Posted May 7, 2017 14:11 UTC (Sun) by jond (subscriber, #37669) [Link]

> I never ever would apply a leaked security patch set to anything worth a dime for me.

I'm not sure, but I don't think ballombe's hypothetical end-game was end-users blindly applying security patches themselves, rather the continuation of getting the useful bits mainlined.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds