Re: Starting point
On Sun, Jun 11, 2000 at 03:00:54AM +0300, Anders M Montonen wrote:
> - Because the Linux development model differs so much from the *BSD
> one, most methods can probably not be applied directly to this project.

I could not imagine the OpenBSD way in the Linux development process.

OpenBSD releases 1-2 kernels a year and they DON'T release anything that
WASN'T audited ... (security, stability, correctness, paranoia)

Linux releases a kernel every week/month/day and they release almost
everything that seems to work ... (speed, hardware support, stability)

I can't imagine a way to audit all of 'their' changes.
Maybe choose ONE current release and audit it perfectly and then
- say to kernel-hackers "we have audited 2.x.y, we found this, this and
that ... our 2.x.y-audited version/patch is here and please try to
'merge' it into current/new releases"
- then go along every change to current release and audit it OR
- choose one release a year and create audited version (remove broken
drivers, dangerous/untrusted things etc...)
> - The LKAP should also work preventively by improving kernel (interface)
> documentation and authoring documents on writing safe code.
IMHO this is a right(tm) place to start! Create REAL kernel documentation,
document interfaces, routines, principles, functions and structures - this
would be even good for newbies and prevention of misuse ... Auditing
would be a 'side effect' of this process.
Have a nice day
--
< Martin Mačok martin.macok@underground.cz <iso-8859-2>
\\ http://kocour.ms.mff.cuni.cz/~macok/ http://underground.cz/ //
\\\ -= t.r.u.s.t n.0 o.n.e =- ///