← Back to context

Comment by ajross

4 years ago

Arbitrary anonymous submissions don't go into the kernel in general. The point[1] behind the Signed-off-by line is to associate a physical human being with real contact information with the change.

One of the reason this worked is likely that submissions from large US research universities get a "presumptive good faith" pass. A small company in the PRC, for an example, might see more intensive review. But given the history of open source, we trust graduate students maybe more than we should.

[1] Originally legal/copyright driven and not a security feature, though it has value in both domains.

> A small company in the PRC, for an example, might see more intensive review.

Which is a bit silly, isn't it? Grad students are poor and overworked, it seems easy to find one to trick/bribe into signing off your code, if you wanted to do something malicious.

  • Grad students have invested years of their life, for no reward, in research on a niche topic. Any ding to their reputation will adversely effect their entire career. I doubt this guy would get a post doc fellowship anywhere after this.

    • > Any ding to their reputation will adversely effect their entire career.

      If this is foolproof, then no-one should be talking about the replication crisis.

      People don't do bad things _expecting_ to be caught, if they haven't already convinced themselves they're not doing anything bad at all. And I suspect it's surprisingly easy to convince people that they won't get caught.

      1 reply →

  • Well, there's nothing easier to corrupt than a small company (not just in the PRC), because you could found one specifically to introduce vulnerabilities without breaking any laws in any country I know of.

They do if the patch "looks good" to the right people.

In late January I submitted a patch with no prior contributions, and it was pushed to drm-misc-next within an hour. It's now filtered it's way through drm-next and will likely land in 5.13.

  • But your signed-off-by was a correct email address with your real identity, as per:

    https://github.com/torvalds/linux/blob/master/Documentation/...

    Right? It's true that all systems can be gamed and you could no doubt fool the right maintainer to take a patch from a fraudulent source. But the point is that it's not as simple as this grad student just resubmitting work under a different name.

    • > But your signed-off-by was a correct email address with your real identity, as per

      Maybe?

      My point with the above comment was more to point out that there is no special '"presumptive good faith" pass' that comes along with a .edu e-mail address, not that it's possible to subvert the system (that's already well known).

      Everyone, including some random dude with a Hackers (1995) reference for an e-mail address (myself) gets that "presumptive good faith" pass.