Subject: Re: [gentoo-security] Kernel Security + KISS
From: "C." Bergström
To: gentoo-security@lists.gentoo.org
Date: Wed, 20 Feb 2008 20:28:11 +0100
Message-Id: <1203535691.6611.178.camel@chaos>
In-Reply-To: <200802201359.55663.sysadmin@tacticalbusinesspartners.com>
References: <200802180512.35888.rbu@gentoo.org> <200802201359.55663.sysadmin@tacticalbusinesspartners.com>

On Wed, 2008-02-20 at 13:59 -0500, Harlan Lieberman-Berg wrote:
> On Sunday 17 February 2008 23:12:35 Robert Buchholz wrote:
> > On Sunday, 17. February 2008, Eduardo Tongson wrote:
> > > What specific kernel knowledge is needed to get a Kernel advisory up
> > > and running?
> >
> > Between becoming aware of a vulnerability in Linux and drafting an advisory
> > for one or all kernel sources comes the part where you review which
> > versions of which kernel sources are affected and unaffected. You also
> > need to pay attention to specifics of the added patchsets, which might
> > duplicate vulnerabilities.
> >
> > Parts of the job can indeed be done without Kernel and C knowledge, but
> > some cannot. So if we draft a new kernel security *team*, people without C
> > and kernel knowledge are helpful -- some others need to have it, though.
> >
> > Robert
>
> To be honest, 99% of what is done in the kernel security team can be done with
> no C knowledge at all.
>
> I'm not an expert C person - far from it - but I eventually became the head of
> Kernel Security until I retired a few months ago.
>
> Most of it is bug handling. The major problem is a social, not a technical
> one. Because of the manner in which our kernels are organized, a single
> vulnerability involves checking upstream version numbers, coordinating them
> into our downstream version numbers for all sources, checking to see if the
> sources are affected, figuring out who to CC for the bugs, then harassing
> them until they do it.
>
> Unlike other security sources, any attempt to hardmask the package is shut down
> instantly. The chaos that would result from a kernel hardmask, even one of
> the lesser used ones, caused me to only successfully order one over my entire
> career in Gentoo Kernsec... even though more around 30 would have been
> needed. It is not infrequently that bugs will last six months without any
> action coming about them, and users are blissfully unaware.
>
> I am happy to give my input as the former head of Kernel Security, but it is
> my personal opinion that any advances in kernel security will require the
> full cooperation of security, and letting the head of kernel security be able
> to actually enforce threats, as that seems to be the only way bugs ever get
> resolved. Pleading didn't work - I tried.

Very insightful, thanks. I've no time to spare at the moment, so I'm just
trying to brainstorm out loud.

Outside of the hardened kernel and the various foo-kernels, what's the benefit
of not just playing follow-the-leader? Maybe it's possible to just copy
something more well maintained: RH, Debian... It would require Kernel Security
to maintain a kernel, but then you'd never have to fight the maintainer when
you issue a security fix which was pushed from upstream. RH and friends would
even guarantee it doesn't break things to some extent.

I'm sure this has been thought of before, but I'm not sure why it's not
adopted....

./C

-- 
gentoo-security@lists.gentoo.org mailing list