Jason, your debian system is quite safe, I can't actually log into it at the<br>moment with a valid user name and password, now that's security. ;-). Helpdesk<br>are on it, but it's the Spanish inquisition, 'what exactly do you want to<br>use ssh for, they say'...at this point I just gave up.<br><br>vmspice huh, classic example of 'lets add x,y,z feature' to the mainline<br>kernel. I'm sure it was not intentional, the more features you add,<br>the more chance that stuff like this will slip through. <br><br>more features = more lines of code = more potential security problems.<br><br>simple!<br><br>Personally I'd like the linux kernel to be shrinking (excluding drivers) ,<br>to where it's the bare essentials. Minimalism is the way forward. Maybe<br>it's time to look at bsd, or try to pretend that the gnu/hurd will actually<br>be finished one day! I wish the linux guys would take a leaf out of the bsd<br>book, constantly review and rewriting code, rather than integrating
<br>every feature under the sun. I guess linux kernel developers like the<br>glory of new features in the kernel, there's not much fun in being<br>the code janitor, mopping up other people's messes.<br><br>I presume the paid kernel developers too , their management needs<br>to see results , results = $$$ , I guess it's hard to justify spending a month<br>rewriting code, than saying 'hey, I've just wrote a new feature for the kernel,<br>how cool am I!'<br><br>so, extra features or security..the choice is yours.<br><br>What makes this so nasty, it seems to be very generic!!! It's also be lurking<br>in the kernel for many releases. I wonder if features like this get proper<br>security testing before they are submitted. I doubt it. Although security<br>patches for linux are quick to appear for 'know exploits' , can the same<br>be said for preventing those 'bugs' from appearing the first place.<br><br>The write code , patch later when exploited mentality has really got to
stop.<br><br>And remember, for every exploit you know about, there are handful that<br>arn't disclosed. and that's really scary ;-). <br><br>anyways, I'll bore you with more during my security talk soon.<br><br>After this, I'm going back to amiga dos.<br><br>http://kerneltrap.org/node/7637e<br><br>extract from this interview.<br><br>'The last major kernel project I got into was splice, a new IO model based on a paper by Larry McVoy. I had read the paper many years ago, and while the idea was innovative and appealing, I felt there was a piece missing to really tie it into the kernel model. Splice describes a way to allow applications to move data around inside the kernel, without copying it back and forth between the kernel and user space. Essentially, you splice together two ends and allow the data to travel between them. Linus provided the missing piece of the puzzle, by suggesting that the splice buffers be tied to pipes. Like most good ideas, it is directly
obvious once you understand it! So once that was settled, I wrote the kernel implementation and the associated system calls. There's a system call (sys_splice) that splices data from a file descriptor to a pipe (or vice versa), a system call to duplicate the contents of one pipe to another (sys_tee), and a system call that maps a user buffer into a pipe.'<br><br><b><i>azmodie <azmodie@gmail.com></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> lol. was just sending that myself.<br clear="all"><br>-- <br>Umbrella Corporation :-<br>"They are the fear within all of that there is a company. The Corporation controlling everything that is Umbrella.<br>A combination of Microsoft and the US Military. At some level there is a board of directors who meet once a<br> month and decide all of our fates."<br>-- Jeremy Bolt - Producer - Resident Evil : Apocalypse
_______________________________________________<br>dundee GNU/Linux Users Group mailing list<br>dundee@lists.lug.org.uk http://dundee.lug.org.uk<br>https://mailman.lug.org.uk/mailman/listinfo/dundee<br>Chat on IRC, #tlug on dundee.lug.org.uk</blockquote><br><p> 
<hr size=1> Sent from <a href="http://us.rd.yahoo.com/mailuk/taglines/isp/control/*http://us.rd.yahoo.com/evt=51949/*http://uk.docs.yahoo.com/mail/winter07.html">Yahoo!</a> - a smarter inbox.