Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170626205012.GA17038@openwall.com>
Date: Mon, 26 Jun 2017 22:50:12 +0200
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: civilized discussion (Re: More CONFIG_VMAP_STACK vulnerabilities, refcount_t UAF, and an ignored Secure Boot bypass / rootkit method)

Hi all,

Yes, I too would like the discussions in here to stay civilized.

Brad wrote to Linus:

On Sat, Jun 24, 2017 at 9:35 PM, Brad Spengler <spender@...ecurity.net> wrote:
> With no technical content coming from your end, there's no need to discuss
> anything further -- don't waste your time because I won't reply.

and I hope that Linus won't reply (as far as I can see, he did not so
far) and this does in fact end that thread.

On Mon, Jun 26, 2017 at 03:16:06PM -0400, Mansour Moufid wrote:
> Is there another mailing list for discussions of Linux security? Or forum?

At Openwall, we also host the kernel-hardening mailing list, but we
currently moderate it similarly - that is, we're not preventing
occasional/infrequent threads like this right away, letting a sensible
number of messages to pass through, even if with insults and such.
Usually those threads end on their own.  In fact, I only recall one very
recent thread in there where I intervened and technically shut it down.
If the pro-grsecurity and/or anti-grsecurity folks try much harder,
we'll probably have to start moderating the lists much stricter.

There are probably other suitable mailing lists and forums as well.
Maybe someone else would share some.

> I have been thinking of sharing a few patches for the last couple months.
> I don't think this is the right place after the kind of insults I saw this week.

This sounds weird to me: you've been sitting on those patches for "the
last couple months" and now a thread "this week" finally made you decide
not to post them in here.  Anyhow, if those patches would be on-topic in
here or on kernel-hardening, please feel free to reconsider.

Off-list, someone else also explained to me that the recent dirt in here
discouraged them from posting certain reasonable content.  So this is
probably happening, and that's a pity.  I ask that anyone who thinks
they have higher quality content than what we see in this thread does
post that.  Let this be your response.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.