[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ISDN with RedHat 6.0?
Stanislav Malyshev a.k.a Frodo writes:
> AS>> That mightly sucks. 1) they can add security holes with their patches,
> AS>> and little people would know because the code isn't reviewed like the
> AS>> rest of the kernel, actually most people don't see that code at all;
>
> Same with every program - most people never carefully examine source.
> That's your own decision about security/usability tradeoff - or you
> sacrifice your time and comfort, or you get security risk.
Sure. IMHO the kernel is different though -- the linux-kernel crew is
there not for vain and there's a reason why Linus thinks thrice before
including even the smallest of patches.
> AS>> 2) if the kernel crashes you can't easily submit a bug to linux-kernel
> AS>> because who knows whose fault it is, the kernel deevlopers' or Red
> AS>> Hat's; 3) this general approach -- of forking your own version instead
> AS>> of doing the regular well-established route of submitting the patches
> AS>> to linux-kernel -- makes me sick.
>
> That's not right. All sources of RH packages are public. You can review
> them at will.
True, but it doesn't go through the scrutiny of linux-kernel and
Linus, which for me means that it's less trusted. And since it's the
kernel it's important.
Red Hat should make the fact that their packages include an unofficial
kernel prominent, e.g. place a note in the RPM decription. Maybe they
do that, I have no idea. (Can anyone tell?) This should tell people
that require a stable kernel (24x7 servers?) to build their own from
the pristine sources. (Which they probably do anyway, though..)
--
Alex Shnitman | http://www.debian.org
alexsh@hectic.net, alexsh@linux.org.il +-----------------------
http://alexsh.hectic.net UIN 188956 PGP key on web page
E1 F2 7B 6C A0 31 80 28 63 B8 02 BA 65 C7 8B BA
NOTE: if this message has reached you in error, or if you would simply
like to be removed from our mailing list, please call the 800 number
listed above and slowly speak and spell your e-mail address so that we
may process your request promptly.
Thank you!
-- Excerpt from a spam letter