Re: Linux Kernel Audit Project?

From: John Richard Moser
Date: Mon Jan 17 2005 - 13:23:54 EST



Adrian Bunk wrote:
> On Mon, Jan 17, 2005 at 02:47:32AM -0500, John Richard Moser wrote:
>

[...]

>
> What exactly do you want to audit for?
>

Security holes

> If it's only for "ordinary" bugs, that's simply not feasible.
> The amount of patches going into 2.6 is currently at about 3 MB every
> week. You can hardly keep up with all of that - and even if you were
> able to do so, some theoretically correct patch might break in practice
> due to hardware bugs or bugs in some toolchain.
>

Understood.

> Regarding security audits:
> They aren't a bad idea, and not bound to new patches - much legacy code
> in the kernel has for sure more bugs than new code. The linux-kernel way
> for such a project is not to scream "We need SOMETHING" - the
> linux-kernel way is that you start with the work to get the ball rolling
> (and if other people are interested to work in the same area, give them
> some guidance).
>

I'm nowhere near being able to actually do a security audit. I
understand what an audit is, I understand what causes vulnerabilities,
but I'd probably only be able to see the most obvious things (like
strcpy(a,"Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") into a[4]).

If I had a few more years of experience, college out of the way, a good
job, and had some of my other projects moving along, maybe. . . .

> cu
> Adrian
>

- --
All content of all messages exchanged herein is left in the
Public Domain, unless otherwise explicitly stated.
