From: Willy Tarreau <w@1wt.eu>
To: Pavel Machek <pavel@ucw.cz>
Cc: Tomasz Chmielewski <mangoo@wpkg.org>,
LKML <linux-kernel@vger.kernel.org>,
jbarnold@MIT.EDU, francois.cami@free.fr,
Andi Kleen <andi@firstfloor.org>,
mail@earthworm.de
Subject: Re: A system for rebootless kernel security updates
Date: Sun, 27 Apr 2008 19:49:47 +0200 [thread overview]
Message-ID: <20080427174947.GI8474@1wt.eu> (raw)
In-Reply-To: <20080427101659.GD3891@ucw.cz>
On Sun, Apr 27, 2008 at 12:17:00PM +0200, Pavel Machek wrote:
> On Thu 2008-04-24 16:26:44, Tomasz Chmielewski wrote:
> > Jeff Arnold wrote:
> >
> > >I've put together an automatic system for applying
> > >kernel security patches to the Linux kernel without
> > >rebooting it, and I wanted to share this system with
> > >the community in case others find it useful or
> > >interesting.
> >
> > Hmm, the idea seem to be patented by Microsoft, i.e.
> > this patent from December 2002:
> >
> > http://www.google.com/patents?id=cVyWAAAAEBAJ&dq=hotpatching
> >
> > (and other patents by Microsoft if you search for
> > "hotpatching").
>
> ...so US will not be able to fix security holes without reboot, good.
> Perhaps they fix their stupid laws after next worm outbreak...
Sounds like a bullshit patent. I remember having loaded a lot of NLM
patches under netware 4.0 in 96-97 without ever rebooting. I think
that the patches only redefined the faulty symbol(s) they wanted to
patch. That was pretty convenient because when in doubt, you could
simply unload the modules and get back to previous situation.
> Pavel
Willy
next prev parent reply other threads:[~2008-04-27 17:50 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-24 14:26 A system for rebootless kernel security updates Tomasz Chmielewski
2008-04-24 14:42 ` Andi Kleen
2008-04-27 10:17 ` Pavel Machek
2008-04-27 17:00 ` Gilles Espinasse
2008-04-27 17:49 ` Willy Tarreau [this message]
2008-04-27 19:51 ` Oliver Pinter
2008-04-27 19:58 ` Jesper Juhl
2008-04-28 19:07 ` Bill Davidsen
2008-04-29 23:39 ` Jeff Arnold
-- strict thread matches above, loose matches on Subject: below --
2008-04-23 18:59 Jeff Arnold
2008-04-23 21:37 ` FD Cami
2008-04-24 13:42 ` Andi Kleen
2008-04-28 6:18 ` Jeff Arnold
2008-04-28 10:29 ` Andi Kleen
2008-04-29 6:55 ` Jeff Arnold
2008-04-29 12:57 ` Dan Noe
2008-04-29 22:43 ` Jeff Arnold
2008-05-01 11:38 ` Enrico Weigelt
2008-05-01 13:35 ` David Collier-Brown
2008-04-24 13:43 ` Christian Hesse
2008-04-24 18:13 ` Jeff Arnold
2008-04-24 19:16 ` Christian Hesse
2008-04-28 6:11 ` Jeff Arnold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080427174947.GI8474@1wt.eu \
--to=w@1wt.eu \
--cc=andi@firstfloor.org \
--cc=francois.cami@free.fr \
--cc=jbarnold@MIT.EDU \
--cc=linux-kernel@vger.kernel.org \
--cc=mail@earthworm.de \
--cc=mangoo@wpkg.org \
--cc=pavel@ucw.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.