Jakub Kicinski <kuba@xxxxxxxxxx> wrote:
> I think we should do _something_ because we broke so many things
> in this release if we let this rot until its smell reaches Linus -
> someone is getting yelled at...

Well, we can restore the knob and some strongly worded printk.
(or even taint/warn_on_once/whatever).

So it's not like we have no options, but autoassign=1 is a problematic
configuration and so I would prefer to finally get rid of it.

> Now, Linus is usually okay with breaking uAPI if there is no other
> way of preventing a security issue. But (a) we break autoload of
> all helpers and we only have security issue in one,

This isn't 100% correct either, because it's not necessarily about
a security bug.

Helpers (by design) make things reachable that otherwise would not be,
e.g. ftp with 'loose=1' modparam adds a 'from anywhere to x:y' reverse
forward, so if client is behind nat (and the helper is active) this can
be used to expose a service to a 3rd party (granted, this is unlikely,
given it's off by default).

> and (b) not loading
> the module doesn't necessarily mean removing the file (at least IMHO).

We did not disable module load, but loading a connection tracking module
has no effect anymore without the needed iptables (or nftables) rules to
tell the conntrack engine which connections need to be monitored by which
helper.
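
The explicit assignment described in the last paragraph, as an added nftables example that is not part of the original message. The table, chain and helper object names and the address 192.0.2.10 are constructed for illustration.

```nftables
# Added illustration; names and the 192.0.2.10 address are constructed.
table inet helper_demo {
    # Helper object: binds the kernel "ftp" helper to TCP.
    ct helper ftp-standard {
        type "ftp" protocol tcp
    }

    chain prerouting {
        # Priority filter (0) runs after conntrack (-200), so the
        # connection entry already exists when the helper is attached.
        type filter hook prerouting priority filter; policy accept;

        # Only FTP control connections to this one server are monitored;
        # all other traffic gets no helper, whether or not the module
        # is loaded.
        ip daddr 192.0.2.10 tcp dport 21 ct helper set "ftp-standard"
    }
}
```

Scoping the rule to a known server and port keeps the helper's expectation-based forwarding limited to the flows that need it.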