z***t
发帖数: 10817 | 1 University Banned From Contributing To Linux Kernel For Intentionally
Inserting Bugs
Written by Michael Larabel in Linux Kernel on 21 April 2021 at 07:48 AM EDT.
80 Comments
LINUX KERNEL -- Greg Kroah-Hartman has banned a US university from trying to
mainline Linux kernel patches over intentionally submitting questionable
code with security implications and other "experiments" in the name of
research.
Stemming from this research paper where researchers from the University of
Minnesota intentionally worked to stealthy introduce vulnerabilities into
the mainline Linux kernel. They intentionally introduced use-after-free bugs
into the kernel covertly for their research paper.
But even after this paper, there has been a new round of patches from
University of Minnesota researchers that claim to come from "a new static
analyzer" but without any real value to the patches. These new, questionable
patches don't appear to have any real value -- for good or bad -- and at
the very least are just wasting time by upstream developers. This has led
Greg to calling them out and "banning" them from trying to contribute to the
Linux kernel in the future.
Greg wrote this morning on the kernel mailing list, "[These new patches]
obviously were _NOT_ created by a static analysis tool that is of any
intelligence, as they all are the result of totally different patterns, and
all of which are obviously not even fixing anything at all. So what am I
supposed to think here, other than that you and your group are continuing to
experiment on the kernel community developers by sending such nonsense
patches?...A few minutes with anyone with the semblance of knowledge of C
can see that your submissions do NOT do anything at all, so to think that a
tool created them, and then that you thought they were a valid "fix" is
totally negligent on your part, not ours. You are the one at fault, it is
not our job to be the test subjects of a tool you create...Because of this,
I will now have to ban all future contributions from your University and rip
out your previous contributions, as they were obviously submitted in bad-
faith with the intent to cause problems."
So those from the University of Minnesota are no longer welcome to
contribute to the upstream Linux kernel development.
In a follow up message is indeed confirmation that the prior University of
Minnesota patches to the Linux kernel are going to be reverted. | g****t
发帖数: 31659 | 2 做研究是可以的,但是你不能让别人承担你的研究的damage。
感觉这几位基础比较差,对此类操作可能造成的damage毫无概念。
我觉得这几位作者,今后无法在这个圈子了。最倒霉的还是学生。
EDT.
to
【在 z***t 的大作中提到】
: University Banned From Contributing To Linux Kernel For Intentionally
: Inserting Bugs
: Written by Michael Larabel in Linux Kernel on 21 April 2021 at 07:48 AM EDT.
: 80 Comments
: LINUX KERNEL -- Greg Kroah-Hartman has banned a US university from trying to
: mainline Linux kernel patches over intentionally submitting questionable
: code with security implications and other "experiments" in the name of
: research.
: Stemming from this research paper where researchers from the University of
: Minnesota intentionally worked to stealthy introduce vulnerabilities into
| w*****r
发帖数: 197 | | g****t
发帖数: 31659 | 4 还好只是introduce bug on purpose 上了hackernews。
不是introduce computer virus
【在 w*****r 的大作中提到】
: 我靠,教授是个老中,哎。。。
|
|
