[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

suggestion.

To: kernel audit <kernel-audit@nl.linux.org>
Subject: suggestion.
From: Marc Esipovich <marc@mucom.co.il>
Date: Sun, 11 Jun 2000 22:48:40 -0200
Sender: owner-kernel-audit@nl.linux.org
User-Agent: Mutt/1.2i

 Hi everybody, 

	I think the best thing would be to divide the kernel into auditable parts,
most importat portions - directly related to security, should be audited first.
especially parts where well-known bugs were found.

	Here is a small list, please add.

	1.	The binary loaders, a,out, elf...

	2.	In 2.[24].x kernels, the cap stuff. 

	3.	proc filesystem.

	4.	NET (ipv4 for now)

	5.	Filesystem code, mostly DoS and data corruption. this will require
people who know their way around filesystems,  not for the general auditing crowd.
	6.	Stress testing the kernel in every imaginable way is bound to
find *something*, be creative.


	IMHO, the kernel tree which requires the most effort for now is 2.2.
yes, 2.0 is still alive kicking,  but soon enough 2.2 will become the
stable "old" kernel, just like 2.0.  

	We should not be auditing development kernels.


		Marc.

Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/

Follow-Ups:
- Re: suggestion.
  - From: David Ford <david@kalifornia.com>
- Re: suggestion.
  - From: "David L. Craig" <dlc@Radix.Net>

Prev by Date: Re: Spam test
Next by Date: Re: suggestion.
Prev by thread: Another spam test
Next by thread: Re: suggestion.
Index(es):
- Date
- Thread