Mailinglist Archive: opensuse-factory (564 mails)
| < Previous | Next > |
Re: [opensuse-factory] Re: [opensuse-kernel] debugfs mounted by default - necessary?
- From: Marcus Meissner <meissner@xxxxxxx>
- Date: Wed, 7 Dec 2011 14:49:44 +0100
- Message-id: <20111207134943.GC2441@suse.de>
On Tue, Dec 06, 2011 at 04:03:17PM -0800, Greg KH wrote:
Of course you fixed all known issues. (here are some:
http://openwall.com/lists/oss-security/2011/02/22/4
http://www.openwall.com/lists/oss-security/2011/01/24/5
)
The kernel developers so far fixed the ones that appeared
in good time and quality (well, except for by CVE documentation,
but thats another topic).
The problem with security problems is however also the time window
between those 4 steps in the timeline:
"Blackhats know it and exploit it"
"The kernel community knows it and has fixed it"
"The distributors have shipped the fix"
"The admins have deployed the fix"
which usually are counted in weeks if not months or years.
So avoiding security bugs altogether is even better then getting them
fixed fast for all including the system admins. Reducing the attack
surface is one method, even if there are no known issues.
That I have 504 fixed kernel security bugs in my bugtracker is perhaps
one point explaining my insistence on reducing the attack surface.
That 33 are open and yet to be fixed in my bugtracker is also not
helping.
"principle of least privilege" is probably the better wording.
Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
On 06/12/11 16:10, Brian K. White wrote:
Having a lot lot of stuff exposed and believing that it's all ok is
fundamentally less secure than not exposing anything in the first place.
So, what you are really saying is that you don't trust the kernel
developers to get things right?
Seriously, I've yet to see one specific example of a debugfs file that
is "unsafe" in todays kernel. I understand the wish for some people to
"control the exposed area", but if I take that to its logical
conclusion, the same people will want the option to disable system calls
that they feel no one should ever use as well?
Of course you fixed all known issues. (here are some:
http://openwall.com/lists/oss-security/2011/02/22/4
http://www.openwall.com/lists/oss-security/2011/01/24/5
)
The kernel developers so far fixed the ones that appeared
in good time and quality (well, except for by CVE documentation,
but thats another topic).
The problem with security problems is however also the time window
between those 4 steps in the timeline:
"Blackhats know it and exploit it"
"The kernel community knows it and has fixed it"
"The distributors have shipped the fix"
"The admins have deployed the fix"
which usually are counted in weeks if not months or years.
So avoiding security bugs altogether is even better then getting them
fixed fast for all including the system admins. Reducing the attack
surface is one method, even if there are no known issues.
That I have 504 fixed kernel security bugs in my bugtracker is perhaps
one point explaining my insistence on reducing the attack surface.
That 33 are open and yet to be fixed in my bugtracker is also not
helping.
I still see this whole thing as basic "fear of the unknown". To solve
that, make it "known". Seriously, audit the code, it's there for all to
see. If you see problems with it, it will be fixed.
"principle of least privilege" is probably the better wording.
Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
| < Previous | Next > |