Starting point

[Anders M Montonen <ammonton@cc.helsinki.fi>]

Although I'm not a kernel hacker (please keep this in mind when reading)
I'd like to offer my thoughts on this project, which I find very
fascinating.

- It would be prudent to draw on the OpenBSD-project's
experience. Maybe some of the core crew could be a "guest lecturer"?
- Because the Linux development model differs so much from the *BSD
one, most methods can probably not be applied directly to this project.
- The LKAP should also work preventively by improving kernel (interface)
documentation and authoring documents on writing safe code.
- Any bugs found should be stomped. As experience has shown (and as has
been pointed out here) even bugs deemed harmless can be dangerous.
Besides, bugfixed code is good code.
- To get the show on the road, I would suggest choosing a core component
that has remained relatively stable between the "current" kernel series
(2.0 - 2.2 - 2.4)
- I would also suggest focusing on the upcoming 2.4 kernel. Auditing the
2.2 kernel would mean creating a rather large "lag".
- Once a certain version of the kernel has been audited, there remains
the task of auditing all upcoming patches. However, if this project is
successful (particularly regarding the educational angle) I predict that
this task will become easier as more developers start adhering to the
guidelines set out by the LKAP. Hopefully, this would free enough
resources to start following the development series kernel.
- The development series kernel would have to be followed in some way,
the alternative being starting from scratch each time a stable kernel is
released.

Of course, a completely different route to follow would be to start with
the 2.0 kernel, since it is bugfix-only at this stage.

-a


Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/