Reactive vs. pro-active kernel security

Posted Jul 14, 2011 3:10 UTC (Thu) by Baylink (guest, #755)
Parent article: Reactive vs. pro-active kernel security

I am the first guy to say that I don't want Linus to start pulling punches (even when, as has happened here once or twice, he's throwing them at me :-)... but did anyone tell Kulikov -- who you say is a GSoC student -- to make sure he was wearing his pads, before he got turned loose?

The argument's been made here -- also aimed at me -- that it doesn't matter whether the developers who are getting scared away are female or *not* -- the problem is the guy throwing the punches, and it doesn't matter who that is.

I think that this particular exchange gives the lie to that assertion -- even if only because both parties would assert it's "not personal; only business"... because they would be *right*.



Reactive vs. pro-active kernel security

Posted Jul 14, 2011 4:32 UTC (Thu) by jrn (subscriber, #64214)

I don't know if anyone told him to, but he seems to have taken the advice gracefully and it doesn't look to me like it turned out to be such an unpleasant exchange. Bravo to him.

Reactive vs. pro-active kernel security

Posted Jul 21, 2011 3:25 UTC (Thu) by wtanksleyjr (subscriber, #74601)

Good for him. I wish I'd done something cool enough to get yelled at by Torvalds (Linus, not Tove).

That would go on my resume. It wouldn't match any HR keywords, but many engineers would notice and remember THAT candidate.

Reactive vs. pro-active kernel security

Posted Jul 21, 2011 21:11 UTC (Thu) by solardiz (guest, #35993)

There have been other kinds of exchanges between Vasiliy and Linus as well. For example, here's Linus approving another security-relevant patch posted by Vasiliy:

http://www.openwall.com/lists/kernel-hardening/2011/07/12/2

Here's Vasiliy's "GSoC midterm accomplishments" summary:

http://www.openwall.com/lists/kernel-hardening/2011/07/19/3

There was no expectation that all patches would be accepted. This project is about revising and submitting the various security hardening changes properly, which is something that hasn't been done for many of them yet because it's such a mostly thankless job to do. Vasiliy was well aware of what he was getting into. :-) Before starting this project, he found and patched many vulnerabilities in the Linux kernel (mostly infoleaks) - those patches were applied upstream, as well as in distro kernels (you can see his name in plenty of distro vendor advisories about kernel updates). He also got the ICMP sockets patch applied in Linux 3.0:

http://lists.openwall.net/linux-kernel/2011/05/13/432

At Openwall, we're very happy to work with Vasiliy on this project (as well as on some other projects - e.g., Vasiliy did some work towards the Owl 3.0 release).

Others interested in joining the project or just watching are welcome to subscribe to the kernel-hardening mailing list:

http://www.openwall.com/lists/#subscribe

Vasiliy is CC'ing kernel-hardening on his LKML postings relevant to this project, and we also use the kernel-hardening list for additional discussions (such as on what patches to bring to LKML next).

