RE: Future Linux devel. Kernels

From: Ron Van Dam (rvandam@liwave.com)
Date: Tue May 09 2000 - 16:49:42 EST


>> IP> A much better idea is to secure programs, and avoid programs running
>> IP> as root.
>>
>> In an ideal world - yes. In the real world it does not work: programs are
>> created by humans and thus holes are unavoidable in programs of decent size.

>I'd rather have a hole in my non-user running app than in some app that runs
>as root..

Is there any way to compromise root, via a buffer overflow or some other
means, even if the application is using a non-privileged user id? Aren't there
situations where running a userland daemon requires root access? For
instance, arpd or a routing daemon (routed, gated) that needs to be able to
write settings into the kernel?

Is it possible to configure the Linux kernel so that it is secure? If so,
what are your thoughts about including a configure option in "make config" to
secure the kernel, so that insecure functions are disabled when running in
multi-user mode? I understand this would break some userland apps (X,
multimedia apps, etc). However, if you're setting up a Linux box as a firewall
or web server or a box that needs to be very secure, I don't think these types
of apps would be installed anyway. Would there really be any need for direct
hardware access for a box serving as a firewall or Web server?

Would a "Secure Kernel" compile option be an acceptable solution/compromise
to this issue?




This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST