
Poettering: Revisiting how we put together Linux systems

Poettering: Revisiting how we put together Linux systems

Posted Sep 2, 2014 0:25 UTC (Tue) by mezcalero (subscriber, #45103)
In reply to: Poettering: Revisiting how we put together Linux systems by ibukanov
Parent article: Poettering: Revisiting how we put together Linux systems

Well, we can certainly improve the technical measures to make security bugs less problematic (and we do, because we'll do sandboxing of desktop apps you download according to this scheme), but software will *always* have bugs, it's written by humans after all. There is no system that can make all security bugs disappear.

Security fixes must happen, there is no way around that. However, we need to make sure that we allow them to be done by people who have the expertise and focus on fixing them. Hence: programs like Firefox or Google Earth that you download from their respective websites usually come with a ton of bundled libraries, in the versions Mozilla or Google has tested their stuff with. Now these vendors are actually not that interested in those libraries, they are primarily just interested in their own app code. So, the runtime concept is about attempting to put together a fixed set of libraries in a fixed set of versions that is basically immutable (modulo the minimal changes necessary to do CVE fixes), maintained by people who actually care about the library code. This way, you give the app vendors what they want (which is a fixed set of libraries, in specific versions that they can test stuff with and where they know that it is exactly this version the stuff will ultimately run on) but at the same time you retain the ability to minimally update the libraries for CVEs, because the runtimes are still maintained by the runtime vendor, and not by a mostly-disinterested app vendor.



Poettering: Revisiting how we put together Linux systems

Posted Sep 2, 2014 5:59 UTC (Tue) by ibukanov (subscriber, #3942) (2 responses)

The question is why Google and Mozilla bundle libraries in the first place. This happens precisely because distributions failed to provide stable interfaces to maintained libraries with CVE fixes. I do not see how the proposal changes the situation.

And that is the reason I am rather skeptical about the compatibility claims in the proposal. On the other hand, anything that can get 100% reliable and revertible updates together with goodies like a read-only /usr is extremely welcome.

Poettering: Revisiting how we put together Linux systems

Posted Sep 2, 2014 10:08 UTC (Tue) by roc (subscriber, #30627) (1 response)

We bundle libraries for various reasons:
a) To use later versions of libraries than distros are shipping. This lets us fix security and other bugs faster.
b) To expose interfaces and functionality that aren't widely deployed yet and possibly won't ever go upstream.
c) To increase consistency across platforms. This helps reduce our bug load.

Poettering: Revisiting how we put together Linux systems

Posted Sep 7, 2014 17:51 UTC (Sun) by pabs (subscriber, #43278)

Unfortunately embedding makes more work for distributions, which is why they have policies against it.

https://wiki.debian.org/EmbeddedCodeCopies
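The thread above turns on two practical problems: mezcalero's runtime model only works if someone can tell which library versions an app actually carries, and pabs' point is that embedded code copies are exactly what distributions have to track for CVE fixes. The script below is an added example, not code from LWN, systemd, Debian or any commenter: it scans a constructed app bundle (byte strings standing in for ELF files) for the version strings a few common libraries embed, compares them against a hypothetical runtime manifest of maintained versions, and reports the copies that lag behind. The regexes follow the markers zlib, OpenSSL and libpng really emit, but treat them and the manifest versions as assumptions for illustration rather than a vetted database.

```python
import re
from dataclasses import dataclass

# Version markers some well-known libraries embed in their compiled objects.
# Assumption for this example: the patterns mirror the real strings, but a
# production scanner would carry a maintained database rather than three regexes.
VERSION_MARKERS = {
    "zlib": re.compile(rb"inflate (\d+\.\d+\.\d+) Copyright"),
    "openssl": re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]?) "),
    "libpng": re.compile(rb"libpng version (\d+\.\d+\.\d+)"),
}

# Hypothetical runtime manifest: the versions the runtime vendor currently
# maintains. A stale bundled copy is one older than the manifest's entry.
RUNTIME_MANIFEST = {
    "zlib": "1.2.11",
    "openssl": "1.0.2u",
    "libpng": "1.6.37",
}

# Constructed sample bundle: path -> file contents. Real ELF objects would be
# read from disk; here only the embedded version strings matter.
SAMPLE_BUNDLE = {
    "app/lib/libz.so.1": b"\x7fELF\x02\x01\x01...inflate 1.2.8 Copyright 1995-2013 Mark Adler\x00",
    "app/lib/libcrypto.so.1.0.0": b"\x7fELF\x02\x01\x01...OpenSSL 1.0.1e 11 Feb 2013\x00",
    "app/bin/viewer": b"\x7fELF\x02\x01\x01...libpng version 1.6.37 - April 14, 2019\x00",
    "app/share/readme.txt": b"No library markers in here.\n",
}


@dataclass(frozen=True)
class Finding:
    path: str
    library: str
    version: str


def parse_version(version):
    """Split '1.0.1e' into (1, 0, 1, 'e') so numeric parts compare numerically."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]?)", version)
    if m is None:
        raise ValueError(f"unrecognised version string: {version!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4))


def scan_blob(path, data):
    """Return one Finding per library marker found in a single file's bytes."""
    findings = []
    for library, pattern in VERSION_MARKERS.items():
        for m in pattern.finditer(data):
            findings.append(Finding(path, library, m.group(1).decode("ascii")))
    return findings


def scan_bundle(files):
    """Scan every file in a path -> bytes mapping; order follows the mapping."""
    findings = []
    for path, data in files.items():
        findings.extend(scan_blob(path, data))
    return findings


def stale_copies(findings, manifest):
    """Findings whose embedded version is older than the maintained runtime version.

    Returns (path, library, bundled_version, maintained_version) tuples so a
    reviewer can see at a glance which copy needs the runtime vendor's CVE fix.
    """
    stale = []
    for f in findings:
        maintained = manifest.get(f.library)
        if maintained is None:
            continue  # library not covered by this runtime; nothing to compare against
        if parse_version(f.version) < parse_version(maintained):
            stale.append((f.path, f.library, f.version, maintained))
    return stale


if __name__ == "__main__":
    found = scan_bundle(SAMPLE_BUNDLE)
    for f in found:
        print(f"{f.path}: {f.library} {f.version}")
    for path, lib, bundled, maintained in stale_copies(found, RUNTIME_MANIFEST):
        print(f"STALE {path}: {lib} {bundled} < runtime {maintained}")
```

Run as a script it lists the three embedded copies and flags the bundled zlib and OpenSSL as older than the runtime's maintained versions, while the libpng copy matches and is left alone. Note that a version comparison is only a first filter: distributions patch CVEs without bumping the upstream version string, so a copy that looks current by version can still be the unpatched upstream build, which is exactly why Debian keeps its embedded-code-copies list by hand.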


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds