[Cryptography] Use Linux for its security
Bill Frantz
frantz at pwpconsult.com
Wed Sep 28 18:16:17 EDT 2016
On 9/27/16 at 8:48 AM, leichter at lrw.com (Jerry Leichter) wrote:
>Not.
>
>"Critical and high-severity security bugs in the upstream
>kernel have lifespans from 3.3 to 6.4 years between commit and discovery."
>
>http://arstechnica.com/security/2016/09/linux-kernel-security-needs-fixing/
I will note that most of the kernel security bugs they found
were in device drivers. CapROS has managed to run Linux device
drivers as "user mode" programs. That means that many of the
protections the OS provides apply to device drivers also. CapROS
is released under GPL. Perhaps Linux should adapt the idea, and
even some of the code, to their problem.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz |The nice thing about standards| Periwinkle
(408)356-8506 |is there are so many to choose| 16345
Englewood Ave
www.pwpconsult.com |from. - Andrew Tanenbaum | Los Gatos,
CA 95032
More information about the cryptography
mailing list