Microsft Updates and Linux Security

Looks like Microsoft has now posted some updates for these vulnerabilities. Not too bad of a turn around time this around, but still multiple days for a fairly serious issue. On the issue of security, this email was recently posted to LWN. It details some issues spender from the GRsecurity team has with the current security model of the Linux kernel. While I don't agree with everything he says, he does bring up some valid points. In the comments, someone from the PaX team does bring up something that I agree with very much. We'd be well served if there was a single Security contact for the kernel . This person could serve as a single point of contact for all security related issues, route patches to the correct places, and most importantly gain the trust of the security experts who are finding the wholes (which the vendor-sec list seems not to have done).

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: