| |||||||||||||
Reactive vs. pro-active kernel securityReactive vs. pro-active kernel securityPosted Jul 21, 2011 21:11 UTC (Thu) by solardiz (guest, #35993)In reply to: Reactive vs. pro-active kernel security by jrn Parent article: Reactive vs. pro-active kernel security
There have been other kinds of exchanges between Vasiliy and Linus as well. For example, here's Linus approving another security relevant patch posted by Vasiliy:
http://www.openwall.com/lists/kernel-hardening/2011/07/12/2
Here's Vasiliy's "GSoC midterm accomplishments" summary:
http://www.openwall.com/lists/kernel-hardening/2011/07/19/3
There was no expectation that all patches would be accepted. This project is about revising and submitting the various security hardening changes properly, which is something that hasn't been done for many of them yet because it's such a mostly thankless job to do. Vasiliy was well aware of what he was getting into. :-) Before starting this project, he found and patched many vulnerabilities in the Linux kernel (mostly infoleaks) - those patches were applied upstream, as well as in distro kernels (you can see his name in plenty of distro vendor advisories about kernel updates). He also got the ICMP sockets patch applied in Linux 3.0:
http://lists.openwall.net/linux-kernel/2011/05/13/432
At Openwall, we're very happy to work with Vasiliy on this project (as well as on some other projects - e.g., Vasiliy did some work towards the Owl 3.0 release).
Others interested in joining the project or just watching are welcome to subscribe to the kernel-hardening mailing list:
http://www.openwall.com/lists/#subscribe
Vasiliy is CC'ing kernel-hardening on his LKML postings relevant to this project, and we also use the kernel-hardening list for additional discussions (such as on what patches to bring to LKML next).
(Log in to post comments)
|
|||||||||||||