From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JS7pS-0003fC-Or for garchives@archives.gentoo.org; Thu, 21 Feb 2008 09:34:59 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D69B2E04CC; Thu, 21 Feb 2008 09:34:11 +0000 (UTC) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.170]) by pigeon.gentoo.org (Postfix) with ESMTP id E80B2E04BA for ; Thu, 21 Feb 2008 09:34:10 +0000 (UTC) Received: by ug-out-1314.google.com with SMTP id j3so933216ugf.49 for ; Thu, 21 Feb 2008 01:34:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=HDiSsLgZ7IXsyVnWZYeSB9UY0DieMeHQB1prU/ZLmZ8=; b=hLm83TAkFMlQR6DFoVOdLdR5FDuuIWjGgee5sEAvNcTqpEhcc9HyI2wHfYgeH+lwTFuCpurqxN0Lk8KOXrleFx9+smZyu6M1LvIZQNfKj4CnyGVgvZcEyJiP5dr5IJxQXN6ZjNvLDelUHvQN39Zn56gVek0bfs32dVfgmlTVYNg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=hZpRWtEDKYakDQjBeKRVFET1wZjQdj5E9c0agwuZOyYv1ayI//evXbCm047BcBM3nxekX4mNw+VDK3fo7xotAKxfc1jwwuXev0lClIYahA3x7QQ7+0gAq4jykcOuOh0H3l8v+3xx0B1GrWNV3NAh+TVVkvcrOqP5h+qSFHR+keg= Received: by 10.66.221.5 with SMTP id t5mr654474ugg.83.1203586450034; Thu, 21 Feb 2008 01:34:10 -0800 (PST) Received: from ?192.168.1.36? ( [81.79.219.236]) by mx.google.com with ESMTPS id 24sm10563807ugf.22.2008.02.21.01.34.07 (version=SSLv3 cipher=RC4-MD5); Thu, 21 Feb 2008 01:34:08 -0800 (PST) Message-ID: <47BD458E.3010906@gmail.com> Date: Thu, 21 Feb 2008 09:34:06 +0000 From: George Prowse User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-security@lists.gentoo.org Reply-to: gentoo-security@lists.gentoo.org MIME-Version: 1.0 To: gentoo-security@lists.gentoo.org Subject: Re: [gentoo-security] Kernel Security + KISS References: <200802180512.35888.rbu@gentoo.org> <200802201359.55663.sysadmin@tacticalbusinesspartners.com> <1203548143.26804.29.camel@media> <1203574802.6841.14.camel@notebook> <20080221070213.GA6385@quasar.las> <83c2b2e00802210114q1d5beba5gcaa478df808020d6@mail.gmail.com> In-Reply-To: <83c2b2e00802210114q1d5beba5gcaa478df808020d6@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Archives-Salt: fbe5f165-b649-4eb1-ae85-4da170b7b1b9 X-Archives-Hash: 0a4bba7f8e60af5f41bb5d31e955b062 Im interested, no C knowledge but plenty of time, passed the dev exam=20 and a willingness to learn. It's been on my agenda for a long time. nick loeve wrote: > I can help also... i have limited free time but am willing to put in > some hours... >=20 > I have medium C knowledge, reasonable kernel experience, and also a > strong linux background >=20 > On Thu, Feb 21, 2008 at 8:02 AM, Arthur Bispo de Castro > wrote: >> I'm interested... little C knowledge, very curious about kernel, stron= g >> linux background... >> >> is there another prereq to join this? >> >> >> >> On Thu, Feb 21, 2008 at 04:20:02AM -0200, Juan Pablo Olivera wrote: >> > I am interested too :) >> > >> > No C knowledge but strong linux background and very organized guy. >> > >> > On Thu, 2008-02-21 at 01:05 -0500, Casey Link wrote: >> > > It would probably help if we knew how many people were interested= . >> > > >> > > I am. +1 >> > > >> > > Casey >> > > >> > > On Wed, Feb 20, 2008 at 10:16 PM, Eduardo Tongson wrote: >> > > > Alright how do we proceed to get this team started. >> > > > >> > > > ed*eonsec >> > > > >> > > > >> > > > >> > > > On Thu, Feb 21, 2008 at 6:55 AM, Ned Ludd w= rote: >> > > > > >> > > > > >> > > > > On Wed, 2008-02-20 at 13:59 -0500, Harlan Lieberman-Berg wr= ote: >> > > > > > On Sunday 17 February 2008 23:12:35 Robert Buchholz wrote= : >> > > > > > > On Sunday, 17. February 2008, Eduardo Tongson wrote: >> > > > > > > > What specific kernel knowledge is needed to get a Ker= nel advisory up >> > > > > > > > and running ? >> > > > > > > >> > > > > > > Between becoming aware of a vulnerability in Linux and = drafting an advisory >> > > > > > > for one or all kernel sources comes the part where you = review which >> > > > > > > versions of which kernel sources are affected and unaff= ected. You also >> > > > > > > need to pay attention to specifics of the added patchse= ts, which might >> > > > > > > duplicate vulnerabilities. >> > > > > > > >> > > > > > > Parts of the job can indeed be done without Kernel and = C knowledge, but >> > > > > > > some cannot. So if we draft a new kernel security *team= *, people without C >> > > > > > > and kernel knowledge are helpful -- some others need to= have it, though. >> > > > > > > >> > > > > > > Robert >> > > > > > >> > > > > > To be honest, 99% of what is done in the kernel security = team can be done with >> > > > > > no C knowledge at all. >> > > > > > >> > > > > > I'm not an expert C person - far from it - but I eventual= ly became the head of >> > > > > > Kernel Security until I retired a few months ago. >> > > > > > >> > > > > > Most of it is bug handling. The major problem is a socia= l, not a technical >> > > > > > one. Because of the manner in which our kernels are orga= nized, a single >> > > > > > vulnerability involves checking upstream version numbers,= coordinating them >> > > > > > into our downstream version numbers for all sources, chec= king to see if the >> > > > > > sources are effected, figuring out who to CC for the bugs= , then harassing >> > > > > > them until they do it. >> > > > > > >> > > > > > Unlike other security sources, any attempt to hardmask th= e package is shutdown >> > > > > > instantly. The chaos that would result from a kernel har= dmask, even one of >> > > > > > the lesser used ones, caused me to only successfully orde= r one over my entire >> > > > > > career in Gentoo Kernsec... even though more around 30 wo= uld have been >> > > > > > needed. It is not infrequently that bugs will last six m= onths without any >> > > > > > action coming about them, and users are blissfully unawar= e. >> > > > > > >> > > > > > I am happy to give my input as the former head of Kernel = Security, but it is >> > > > > > my personal opinion that any advances in kernel security = will require the >> > > > > > full cooperation of security, and letting the head of ker= nel security be able >> > > > > > to actually enforce threats, as that seems to be the only= way bugs ever get >> > > > > > resolved. Pleading didn't work - I tried. >> > > > > > >> > > > > > -Harlan Lieberman-Berg >> > > > > > Gentoo Developer Emeritus >> > > > > >> > > > > >> > > > > Every word of what you said is painfully true. The only way= to >> > > > > accomplish this would be with an Iron Fist(fail) or a team = of ~15 guys >> > > > > who do nothing but patch and push new kernels and the PR th= at goes along >> > > > > with them every few days. >> > > > > -- >> > > > > Ned Ludd >> > > > > >> > > > > >> > > > > >> > > > > -- >> > > > > gentoo-security@lists.gentoo.org mailing list >> > > > > >> > > > > >> > > > -- >> > > > gentoo-security@lists.gentoo.org mailing list >> > > > >> > > > >> > >> > -- >> > gentoo-security@lists.gentoo.org mailing list >> >> -- >> Arthur Bispo de Castro >> Laborat=C3=B3rio de Administra=C3=A7=C3=A3o e Seguran=C3=A7a (LAS/IC) >> Universidade Estadual de Campinas (UNICAMP) >> -- >> >> >> gentoo-security@lists.gentoo.org mailing list >> >> >=20 >=20 >=20 --=20 gentoo-security@lists.gentoo.org mailing list