Stable kernel 2.6.38.7

Posted May 22, 2011 19:04 UTC (Sun) by Cyberax (✭ supporter ✭, #52523)
In reply to: Stable kernel 2.6.38.7 by arekm
Parent article: Stable kernel 2.6.38.7

By now, everybody and their NSA should operate under assumption that Linux by itself is NOT secure.

It might be fairly secure from remote exploitation, but security from local exploits? Forget it.

Stable kernel 2.6.38.7

Posted May 23, 2011 2:28 UTC (Mon) by dgm (subscriber, #49227) [Link]

Nobody with a hint of what security means would say that Linux is, or has ever been, completely secure. Alan Cox, for example, said so explicitly in 2006: http://www.techrepublic.com/article/linux-expert-warns-of...

Linus himself has said it many times, too (I cannot find the cite right now).

It's not the first time a bug that allows local or remote compromise has been published, and fixed. if anything, Linux' developers can (and do) claim that they are fast to plug holes once they are aware of them, reducing the amount of time most systems are exposed.

So, what's so new and game changing?

Stable kernel 2.6.38.7

Posted May 24, 2011 0:44 UTC (Tue) by jjs (guest, #10315) [Link] (1 responses)

> By now, everybody and their NSA should operate under assumption that Linux by itself is NOT secure.

Of course, neither is any other OS or application in widespread use.

Stable kernel 2.6.38.7

Posted May 25, 2011 11:26 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

Not really. There are secure OSes (mostly academic ones).

I'd trust QNX much more than I trust Linux, for example. Then there are academic OSes written in safe languages (Singularity) and with the proven microkernel (seL4 - http://ertos.nicta.com.au/research/l4.verified/).

Ditching C for something more secure goes a long way to make OS more robust.