Submission Summary: 0 pending, 11 declined, 16 accepted (27 total, 59.26% accepted)
I have never gotten into the KDE vs GNOME debates, so this is not GNOME bashing, nor, as you’ll soon see, are these systemic development problems limited to GNOME. Yet what I’m hearing is that with GNOME v3 the goal is to promote their “brand” and make it dominant, in part by greatly limiting what users can change on their own systems, and partly by breaking or simply removing whatever support they’re no longer promoting as ‘The Way’. The reach of this selfish and narrow-sighted development goes beyond GNOME and affects GTK apps in general.
The Linux desktop has for long been composed of several interchangeable and combinable components. This means that every Linux desktop does not necessarily look and feel exactly the same, giving the user the choice to optimize the desktop to his or her preference.
Getting in deeper, not only are GNOME devs content to break their own desktop, but they want features removed from apps simply because GNOME no longer supports them!
It can be argued that Linux is not about choice and that backwards compatibility can not always be preserved. Hackers are free to use their time to do what they want to do, but when some of the most important projects prioritize their brand higher than the user it is time to think about what we are loosing as a community.
However, like previous null pointer dereference issues in the Linux kernel, the vulnerability can only be exploited if the kernel's mmap_min_addr system variable is set to 0. mmap_min_addr describes the lowest virtual address a process can use for mapping. If it is greater than 0, exploits that involve a null-valued pointer to this address won't work. However, as this will also cause certain open source applications like Wine and DOSEMU to malfunction, distributors such as Red Hat and Debian set the respective value to 0 by default. Red Hat has already released updated packages to close the hole. Debian offers instructions on how to change the variable. In Ubuntu, mmap_min_addr is set to 65535, which renders exploits ineffective.
Lots of folks confuse bad management with destiny. -- Frank Hubbard