
Re: suggestion.



On Sun, 11 Jun 2000, David Ford wrote:

> I differ in opinion here, 2.2 is full of bugs which have been fixed in
> 2.3/2.4.  I suggest we start with the most current code base.  There is
> little merit in duplicating work that has already been done.  2.4 is at
> the door, almost ready to walk.

I agree with the former.  How many servers which need stability and are too
much of a pain to upgrade are still running a 2.0 kernel?  2.2 will be
around for a long time (it's really just starting to get good and stable
now) and when 2.4 does come out, it will be the same ball of hair, not being
fully accepted until it stabilizes.  Anything caught in 2.2 can be of use in
2.4 to some extent at least.

Regards,
Jim

> 
> -d
> 
> Marc Esipovich wrote:
> 
> >  Hi everybody,
> >
> >         I think the best thing would be to divide the kernel into auditable parts,
> > most important portions - directly related to security, should be audited first,
> > especially parts where well-known bugs were found.
> >
> >         Here is a small list, please add.
> >
> >         1.      The binary loaders, a.out, elf...
> >
> >         2.      In 2.[24].x kernels, the cap stuff.
> >
> >         3.      proc filesystem.
> >
> >         4.      NET (ipv4 for now)
> >
> >         5.      Filesystem code, mostly DoS and data corruption. This will require
> > people who know their way around filesystems, not for the general auditing crowd.
> >
> >         6.      Stress testing the kernel in every imaginable way is bound to
> > find *something*, be creative.
> >
> >         IMHO, the kernel tree which requires the most effort for now is
> > 2.2. Yes, 2.0 is still alive and kicking, but soon enough 2.2 will become
> > the stable "old" kernel, just like 2.0.
> >
> >         We should not be auditing development kernels.
> >
> >                 Marc.
> 
> --
> "The difference between 'involvement' and 'commitment' is like an
> eggs-and-ham breakfast: the chicken was 'involved' - the pig was
> 'committed'."
> 
> 
> 

-- 
James Bourne                  | Email:  jbourne@affinity-systems.ab.ca
Affinity Systems Inc.         | WWW: http://www.affinity-systems.ab.ca
Everything Linux              | Linux:  The choice of a GNU generation
----------------------------------------------------------------------
Unix System Administration, System programming, Network Administration


Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/