[PATCH 3/3] x25: Move to staging

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 3/3] x25: Move to staging
@ 2010-11-23  3:55 Ben Hutchings
  2010-11-23  4:31 ` Stephen Hemminger
  0 siblings, 1 reply; 3+ messages in thread
From: Ben Hutchings @ 2010-11-23  3:55 UTC (permalink / raw)
  To: Andrew Hendry, David Miller, Greg Kroah-Hartman
  Cc: netdev, devel, Debian kernel maintainers, linux-x25

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation.

The x25 protocol (PF_X25) receives only 'odd fixes'.  There appear to
be no published applications for it, and it has never progressed
beyond 'experimental' status.

This protocol generally should not be enabled by distributions, since
the cost of a security flaw affecting all installed systems presumably
outweighs the benefit to the few (if any) legitimate users.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
I'm somewhat less sure about this one; maybe it's improving?  But there
is little enough sign of any usefulness after 10 years.

There are several X25 dependencies that presumably should be moved too.

Ben.

 drivers/staging/Kconfig |    2 ++
 net/Kconfig             |    1 -
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/drivers/staging/Kconfig b/drivers/staging/Kconfig
index a9dd984..1347242 100644
--- a/drivers/staging/Kconfig
+++ b/drivers/staging/Kconfig
@@ -179,5 +179,7 @@ source "net/decnet/Kconfig"

 source "net/econet/Kconfig"

+source "net/x25/Kconfig"
+
 endif # !STAGING_EXCLUDE_BUILD
 endif # STAGING
diff --git a/net/Kconfig b/net/Kconfig
index 059c9f1..1d396ba 100644
--- a/net/Kconfig
+++ b/net/Kconfig
@@ -203,7 +203,6 @@ source "net/8021q/Kconfig"
 source "net/llc/Kconfig"
 source "net/ipx/Kconfig"
 source "drivers/net/appletalk/Kconfig"
-source "net/x25/Kconfig"
 source "net/lapb/Kconfig"
 source "net/wanrouter/Kconfig"
 source "net/phonet/Kconfig"
-- 
1.7.2.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH 3/3] x25: Move to staging
  2010-11-23  3:55 [PATCH 3/3] x25: Move to staging Ben Hutchings
@ 2010-11-23  4:31 ` Stephen Hemminger
  2010-11-23  5:05   ` Andrew Hendry
  0 siblings, 1 reply; 3+ messages in thread
From: Stephen Hemminger @ 2010-11-23  4:31 UTC (permalink / raw)
  To: Ben Hutchings
  Cc: Andrew Hendry, David Miller, Greg Kroah-Hartman, netdev, devel,
	Debian kernel maintainers, linux-x25

On Tue, 23 Nov 2010 03:55:28 +0000
Ben Hutchings <ben@decadent.org.uk> wrote:

> Recent review has revealed several bugs in obscure protocol
> implementations that can be exploited by local users for denial of
> service or privilege escalation.
> 
> The x25 protocol (PF_X25) receives only 'odd fixes'.  There appear to
> be no published applications for it, and it has never progressed
> beyond 'experimental' status.
> 
> This protocol generally should not be enabled by distributions, since
> the cost of a security flaw affecting all installed systems presumably
> outweighs the benefit to the few (if any) legitimate users.
> 
> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
> ---
> I'm somewhat less sure about this one; maybe it's improving?  But there
> is little enough sign of any usefulness after 10 years.
> 
> There are several X25 dependencies that presumably should be moved too.

No. If you don't like it then don't enable it.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH 3/3] x25: Move to staging
  2010-11-23  4:31 ` Stephen Hemminger
@ 2010-11-23  5:05   ` Andrew Hendry
  0 siblings, 0 replies; 3+ messages in thread
From: Andrew Hendry @ 2010-11-23  5:05 UTC (permalink / raw)
  To: Stephen Hemminger
  Cc: Ben Hutchings, David Miller, Greg Kroah-Hartman, netdev, devel,
	Debian kernel maintainers, linux-x25

There are users of linux X.25 for production environments, please don't..
It works well enough, there have been some X.25 over TCP bits of code
floating around the Internet and mailing lists.
There is an x25 loopback device on sourceforge using tuntap which I
have been using to test slowly removing the bkls.

Regards,
Andrew.

On Tue, Nov 23, 2010 at 3:31 PM, Stephen Hemminger
<shemminger@vyatta.com> wrote:
> On Tue, 23 Nov 2010 03:55:28 +0000
> Ben Hutchings <ben@decadent.org.uk> wrote:
>
>> Recent review has revealed several bugs in obscure protocol
>> implementations that can be exploited by local users for denial of
>> service or privilege escalation.
>>
>> The x25 protocol (PF_X25) receives only 'odd fixes'.  There appear to
>> be no published applications for it, and it has never progressed
>> beyond 'experimental' status.
>>
>> This protocol generally should not be enabled by distributions, since
>> the cost of a security flaw affecting all installed systems presumably
>> outweighs the benefit to the few (if any) legitimate users.
>>
>> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
>> ---
>> I'm somewhat less sure about this one; maybe it's improving?  But there
>> is little enough sign of any usefulness after 10 years.
>>
>> There are several X25 dependencies that presumably should be moved too.
>
> No. If you don't like it then don't enable it.
>

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2010-11-23  5:05 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-23  3:55 [PATCH 3/3] x25: Move to staging Ben Hutchings
2010-11-23  4:31 ` Stephen Hemminger
2010-11-23  5:05   ` Andrew Hendry

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).