The vulnerability is in the process, and this was the test.
> You really think the Linux kernel guys would change their process if you did this? They'd still do the same things they do.
If they're vulnerable to accepting patches with exploits because the review process fails, then the process is broken. Linux isn't some toy, it's critical infrastructure.
Same analogy... there's a vulnerability and you want to test it? Go set up a test, and notify the people.
You really think the Linux kernel guys would change their process if you did this? They'd still do the same things they do.
> Go set up a test, and notify the people.
The vulnerability is in the process, and this was the test.
> You really think the Linux kernel guys would change their process if you did this? They'd still do the same things they do.
If they're vulnerable to accepting patches with exploits because the review process fails, then the process is broken. Linux isn't some toy, it's critical infrastructure.
You can test the process without pushing exploits to the real kernel.
5 replies →