Re: (MAC/DAC) RE: Future Linux devel. Kernels

From: Linda Walsh (law@sgi.com)
Date: Tue May 09 2000 - 14:09:28 EST


Chris Evans wrote:
> So with MAC we'll get a lot less grief from userspace
> insecurity. Superb. Suddenly, the only thing worth subverting is the
> kernel. Fact 1: A monolithic kernel is a lot of code. Fact 2: A large
> reason for userspace insecurity is the sheer volume of code which runs
> with high privilege. Use facts 1 and 2 to predict the future ;-)

---
	So let's see.  kernel is 97 meg now.  You add maybe
20K-100K of code to make it more secure.  Code that would be
reviewed up the ying-yang by 100's of people.  

I predict a more solid Linux Base.

The problem with tons of userspace apps is not just that so much runs with privilege -- the problem is that you don't have enough people reviewing changes that go in. Ofttimes it's one person's or a few people's baby that gets popular. The kernel isn't just looked at by 1 or 2 people. The common code probably gets looked at by everyone if they are writing anything to do with the kernel -- they have to -- the only up-to-date kernel docs are the source. 100's of pairs of eyes are way better than 1 or 3 or 5. How many people are working on something like 'vim'? How many look at it? Even 'su' -- how many kernel hackers have looked at the code to 'su' or 'ftp' or 'login'? I'm sure some of us have, but nowhere near the numbers of people who look at the kernel code.

-l
--
Linda Walsh @ SGI | Core Linux - Trust Technology
1200 Crittenden Lane MS:30-3-802 | Voice: (650) 933-5338
Mountain View, CA 94043 | Email: law@sgi.com
