|
|
|
|
|
|
by Semaphor
1605 days ago
|
|
|
> Do you think one or two volunteer maintainer (presumably working in their free time), can keep the entire kernel up to date and patched? Maybe I misunderstand it, but I think it’s not that bad? The kernel gets kept up-to-date by LineageOS, the device builds (official or unofficial) use the base builds, but add device-specific tweaks, and cherry-pick commits from elsewhere. And actually a level above that is AOSP which is maintained by Google. Would love if someone could correct me. |
|
|
How do you think the CVEs get discovered? What about CVEs in the qualcomm specific code? How do you know that the amateur kernel developers wouldn't fall prey to c footguns and introduce new vulnerabilities?
Don't get me wrong, this is strictly better than the current state of affairs where there's zero patches, but I think people are underestimating how much effort it takes to keep a huge codebase patched.