User: Password:
|
|
Subscribe / Log in / New account

Kernel vulnerabilities: old or new?

Kernel vulnerabilities: old or new?

Posted Oct 20, 2010 21:14 UTC (Wed) by clugstj (subscriber, #4020)
In reply to: Kernel vulnerabilities: old or new? by kees
Parent article: Kernel vulnerabilities: old or new?

How about
d) are not so hardheaded that they will actually listen to what other people say.


(Log in to post comments)

Kernel vulnerabilities: old or new?

Posted Oct 20, 2010 23:42 UTC (Wed) by jamesmrh (guest, #31622) [Link]

Kees listened to what upstream folk said, but was lead in circles by them, and ultimately his Yama code was vetoed.

I'm not sure what the solution is.

Users can request the protections be added to their distros, which will at least get them better protected, and possibly help make a stronger case for upstream inclusion.

Another possibility is for a company with a strong involvement in Linux to hire someone with the traits a & b above, to act as a system-wide security coordinator / advocate. i.e. make it someone's paid job to work on kernel hardening.

Kernel vulnerabilities: old or new?

Posted Oct 21, 2010 9:15 UTC (Thu) by patrick_g (subscriber, #44470) [Link]

>>> Another possibility is for a company with a strong involvement in Linux to hire someone

Why not the Linux foundation ? Perhaps they can sponsors a few security experts ?
There is a "Linux fellow program" here => https://www.linuxfoundation.org/programs/developer/fellowship


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds