Changes between Version 3 and Version 4 of ProtectedCollaborationTree


Ignore:
Timestamp:
Sep 27, 2021 4:41:13 PM (3 years ago)
Author:
Jon Davis
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ProtectedCollaborationTree

    v3 v4  
    117117
    118118Filip: The scary thing is that if you have a well engineered exploit chain that has a part that gets closed by a software update all you have to do is look at trac.webkit.org and a day later you’ve got a replacement. This will hopefully make it more than a day.
     119
     120SF Akihabara (Sony): It sounds like this is adding a lot of pain for engineers.  Is there any way to automate this or have a branch downstream that applies patches and rebase
     121
     122Jonathan: the explanation of this process is more confusing than what it will be in practice.  Apple does a lot of cherry picking, rebasing, and merging, and the has a very high cost on the people that are writing the security fixes.  Security fixes tend to touch code other people are working on