Re: Starting point
On Sat, 10 Jun 2000, you wrote:
> Although I'm not a kernel hacker (please keep this in mind when reading)
> I'd like to offer my thoughts on this project, which I find very
> fascinating.
Who says you have to be a kernel hacker to contribute?
Ideas and voicing yourself are the first step in any project of this
magnitude, and I highly encourage it. I don't code myself.
> - It would be prudent to draw on the OpenBSD-project's
> experience. Maybe some of the core crew could be a "guest lecturer"?
Yes, surely, advice from the OpenBSD developers is nothing but
good.
> - The LKAP should also work preventively by improving kernel (interface)
> documentation and authoring documents on writing safe code.
Education is a key factor in security. Whether someone wants to take the
time to sit down and write such a document or how-to remains to be seen
: )
> - Any bugs found should be stomped. As experience has shown (and as has
> been pointed out here) even bugs deemed harmless can be dangerous.
Agreed, look at Rik's original "Where do we start?" post.
> Besides, bugfixed code is good code.
: )
> - To get the show on the road, I would suggest choosing a core component
> that has remained relatively stable between the "current" kernel series
> (2.0 - 2.2 - 2.4)
I think 2.2 would be the best place to start... Even when 2.4 is released
most people/servers aren't going to upgrade right away for various
reasons.
> - I would also suggest focusing on the upcoming 2.4 kernel. Auditing the
> 2.2 kernel would mean creating a rather large "lag".
See above. Though I do think that some parts of the 2.4 series should be
audited first... netfilter, tcp/ip core, and fs.
> - Once a certain version of the kernel has been audited, there remains
> the task of auditing all upcoming patches. However, if this project is
> successful (particularly regarding the educational angle) I predict that
> this task will become easier as more developers start adhering to the
> guidelines set out by the LKAP. Hopefully, this would free enough
> resources to start following the development series kernel.
I wish you the best of luck on this one : )
hehe no really, this is a great idea... But EVERYONE must come together on
this, which isn't so much unrealistic but that it's gonna be a while before
this happens IMHO.
> Of course, a completely different route to follow would be to start with
> the 2.0 kernel, since it is bugfix-only at this stage.
>
This shall be decided by the majority of the community.
This was a brilliant proposal, I hope to see more contributions from you
in the near(?) future.
--
Bryan Paxton
"How should I know if it works? That's what beta testers are for. I
only coded it."
-- Linus Torvalds.
Kernel-audit: discussion list for security and the linux kernel
Archive: http://mail.nl.linux.org/kernel-audit/