DaemonForums  

Go Back   DaemonForums > Miscellaneous > Off-Topic

Off-Topic Everything else.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 8th October 2015
cynwulf cynwulf is offline
Package Pilot
 
Join Date: Mar 2014
Posts: 161
Default LinuxCon 2015 - Linus says "I’m sure we could do better" on kernel security

Quote:
On kernel security:

I’m sure we could do better, but we have a fair amount of tools to do static checking for common patterns--and we haven’t had anyone say this is unfixable, rewrite it all. Don’t get me wrong, security people will always be unhappy. But the kernel poses special challenges, because any bug can be a security bug. We also have to keep in mind that most of the kernel is drivers, a big chunk of the rest is architecture specific, and there are 25 million lines of code. So it’s really hard to have people go over it; we have to rely on automated testing and on tools. There are too many lines in too many obscure places for humans to really check.
http://www.linux.com/news/software/l...linus-torvalds

Even with my very limited experience of this, it seems like this equates to proper code auditing not really being possible because there's 'too much code' to audit? With most of the Linux kernel being drivers, you have to wonder what percentage of those drivers are unmaintained and supporting long dead hardware which 99.999% are not using?
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Difference between"arp info overwritten" and " duplicate IP address " varag OpenBSD Security 1 6th April 2015 02:57 PM
"the OpenBSD kernel will only recognize 3.1 gig of RAM"? hanzer OpenBSD General 8 20th January 2015 06:48 PM
Blog article "Security: OpenBSD VS FreeBSD" gkbsd OpenBSD Security 11 13th January 2015 11:48 PM
Fixed "xinit" after _7 _8, "how" here in case anyones' "X" breaks... using "nvidia" jb_daefo Guides 0 5th October 2009 09:31 PM
New Kernel: "make depend" doesn't work nihonto NetBSD General 9 23rd January 2009 09:02 PM


All times are GMT. The time now is 08:15 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick