Subject: Re: Linux Kernel Audit Project?
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: John Richard Moser <nigelenki@comcast.net>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
In-Reply-To: <41EB6BD6.5070702@comcast.net>
References: <41EB6691.10905@comcast.net>  <41EB6BD6.5070702@comcast.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1105962233.12709.68.camel@localhost.localdomain>
Mime-Version: 1.0
Date: Mon, 17 Jan 2005 12:23:35 +0000
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1269
Lines: 28

On Llu, 2005-01-17 at 07:40, John Richard Moser wrote:
> On the same line, I've been graphing Ubuntu Linux Security Notices for a
> while.  I've noticed that in the last 5, the number of kernel-related
> vulnerabilities has doubled (3 more).  This disturbs me.

I've been monitoring the kernel security stuff for a long time too.
There are several obvious trends and I think most are positive

- Tools like coverity and sparse are significantly increasing the number
of flaws found. In particular they are turning up long time flaws in
code, but they also mean new flaws of that type are being found. People
aren't really turning these tools onto user space - yet -

- We get bursts of holes of a given type. If you plot things like
"buffer overflow" "structure passed to user space not cleaned" "maths
overflow check error" against time you'll see they show definite
patterns with spikes decaying at different rates towards zero.

There are also people other than Linus who read every single changeset.
I do for one.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/