suspend/hibernate on desktops
jwboyer at jdub.homelinux.org
Mon Jan 16 19:59:37 UTC 2006
> On Mon, Jan 16, 2006 at 12:48:33PM -0600, Josh Boyer wrote:
> > I agree that kernels in extras is not a good idea. However, you have
> > same security issues with kernel _modules_ in extras. Think OpenAFS
> > security issue, etc.
> With modules its less of a concern, as that usually means on the day
> it gets fixed upstream, a maintainer can respin a package with the
> fix-de-jour. For a kernel however, it's a lot more painful, as it
> a) takes longer to build
> b) takes longer to test (sometimes security fixes have knock-on
> consequences which can have dire consequences, such as being
> unable to boot in certain configurations)
> c) requires every kernel module package to need to be rebuilt too.
Sure, I was just saying that it's still a concern.
<snip perfectly valid point>
> > Davej, I sympathize with you but you might want to start making "What
> > kernel module packages from Extras do you have installed?" a standard
> > question in your bug reports.
> In the cases of oopses, I already get that info. It's the non-oops
> bug-reports that are a problem, and asking users at times isn't
> a sure-fire way to find out. I've seen reports where users have
> claimed never to have loaded a binary module, and have editted
> out the 'tainted' part of a kernel oops, despite leaving other
> telltale signs that they had in fact loaded vmware, nvidia etc..
Ew... People are manually mucking with that? Sounds like bugzilla needs a
YOUREAWANKER resolution for folks that do that.
Anyway, sounds like you have it under control as usual. Here's to hoping
your bug reports don't increase too much with Extras modules :).
More information about the fedora-devel-list