During the disclosure of some recent vulnerabilities in the Linux kernel, I learned some things about Linux kernel security that was truly shocking. The way security in the Linux kernel is handled is broken, and it needs to be fixed right now.
I'm a big proponent of open source software. Although personally I'm a huge follower of BSD-based operating systems, I keep an open and analytical mind when looking at any OS. Unfortunately, I was totally blown away with some of the things that I learned about Linux kernel security during the release of some recent vulnerabilities in the kernel code.
First and foremost, let's take a look at a very vague term that's often referred to in the security industry as "responsible disclosure".
The link for this article located at SecurityFocus.com is no longer available.
