undefined | Better HN

0 pointsphiljackson4y ago0 comments

I mean, it's the linux kernel. Think about what it's powering and how much risk there is involved with these patches. Review processes obviously aren't perfect, but usually patches aren't constructed to sneak sketchy code though. You'd usually approach a review in good faith.

Given that some patches may have made it though with holes, you pull them and re-approach them with a different mindset.

0 comments

d110af5ccf4y ago

> You'd usually approach a review in good faith.

> it's the linux kernel. Think about what it's powering and how much risk there is involved with these patches

Perhaps the mindset needs to change regarding security? Actual malicious actors seem unlikely to announce themselves for you.

SilverRed4y ago

Doesn't this basically prove the original point that if someone or an organization wished to compromise linux, they could do so with crafted bugs in patches?

j / k navigate · click thread line to collapse