Reporting Kernel Security Issues
Source: KernelTrap.org - Posted by Benjamin D. Thomas   
Host Security A lengthy and interesting thread was started on the lkml by Chris Wright looking to define a centralized place to report security issues in the Linux Kernel. Chris offered his services in getting things set up, addressing his email to Linus Torvalds, Andrew Morton [interview], Alan Cox [interview] and Marcelo Tosatti [interview]. He explained that he wanted to centralize the information "to help track it, make sure things don't fall through the cracks, and make sure of timely fix and disclosure". The resulting discussion was joined by numerous members of the kernel hacking community, exposing a wide range of opinions.

Linus agreed that it sounded like a good idea, but qualified this by adding, "the _only_ requirement that I have is that there be no stupid embargo on the list. Any list with a time limit (vendor-sec) I will not have anything to do with." An embargo in this case is the time period from when a security problem is first reported to when a fix can be made public.

Read this full article at KernelTrap.org

Comments
How to make a boy in your class to likeWritten by Danielle Hubbard on 2006-12-09 16:52:52
list of things to make a boy in your school to fall in love with you

Only registered users can write comments.
Please login or register.

Powered by AkoComment!