suspend/hibernate on desktops
Josh Boyer
jwboyer at jdub.homelinux.org
Mon Jan 16 18:48:33 UTC 2006
> On Mon, 2006-01-16 at 11:39 -0500, Dave Jones wrote:
>> On Mon, Jan 16, 2006 at 01:49:49PM +0530, Rahul Sundaram wrote:
>>
>> > I agree in general but if the community wants to maintain such
>> kernels
>> > why should we stop them?
>>
>> The big problem I see coming with this, is that user wants feature X
>> in a kernel, and so we have kernel-x added to extras. Then people start
>> using it, and inevitably hit random bugs (not necessarily related to
>> feature X)
>
> add to this the security angle where the kernel is one of the most
> common causes of security issues, at least of the severe ones (a problem
> in the kernel is almost automatically severe just because of the
> privilege level involved). Also the kernel is the area where exploits
> tend to be 0-day or likewise.... getting the base kernel updated quickly
> is a feat, doing the same for 15 extras kernels... NotPretty(tm).
I agree that kernels in extras is not a good idea. However, you have the
same security issues with kernel _modules_ in extras. Think OpenAFS
security issue, etc.
And don't think for a second that the same users you are talking about
won't file bugs against "kernel" for something that is really and extras
module issue. People see and oops and immediately think "Kernel bug!". I
fight that issue on a daily basis.
Davej, I sympathize with you but you might want to start making "What
kernel module packages from Extras do you have installed?" a standard
question in your bug reports.
josh
More information about the fedora-devel-list
mailing list