Re: suggestion

[Marc Esipovich <marc@mucom.co.il>]

On Sun, Jun 11, 2000 at 11:22:44PM +0000, root wrote:
> > IMHO, we should start with the latest kernel in order not to do what is
> > already done...
> 
>  OK, but what  is already done?

Well,  if there were *real* kernel changelogs,  I mean real,  not just 'what 
regulars from lkml remember or know has been fixed or are aware of the problem'

People, instead of debating and debating to no end, let's start doing
something,  I suggest we start with stuff like, the binary loaders (elf, a.out)
the proc fs and capabilities,  things that have direct impact on security.

After all, "bugs" are nice to find,  but what we really need to concentrate on
are security-related bugs/problems, this is what started this list.

string-operations type audits will not do,  we're looking for stuff defected
in the most fundamental level,  glitches, logical errors, bad assumptions.

What we really need is people going through the code, understanding every line,
asking themselvs stuff like:

	Is this `if` statement correct?

	Should there be an if..else here?

	What does this `if` do?

These are just examples, there are so many things to look at. people
who will read kernel code in order to fully understand it will provide the
best results. grep-type audits will not work or almost not work.


		Marc.

Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/