Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Oct 2012 09:23:27 -0700
From: Kees Cook <keescook@...omium.org>
To: Corey Bryant <coreyb@...ux.vnet.ibm.com>
Cc: kernel-hardening@...ts.openwall.com, James Morris <jmorris@...ei.org>, 
	Theodore Tso <tytso@...gle.com>, Paul Moore <pmoore@...hat.com>, Eric Paris <eparis@...hat.com>, 
	Tyler Hicks <tyhicks@...onical.com>, zohar@...ibm.com, john.johansen@...onical.com, 
	Dan Carpenter <dan.carpenter@...cle.com>, Fengguang Wu <fengguang.wu@...el.com>
Subject: Re: Linux Security Workgroup

On Thu, Sep 27, 2012 at 12:26 PM, Corey Bryant
<coreyb@...ux.vnet.ibm.com> wrote:
> At the Linux Security Summit we began discussing the Linux Security
> Workgroup and some of the efforts that we can focus on.
>
> The charter of the workgroup is to provide on-going security
> verification of Linux kernel subsystems in order to assist in securing the
> Linux Kernel and maintain trust and confidence in the security of the Linux
> ecosystem.
>
> This may include, but is not limited to, topics such as tooling to assist in
> securing the Linux Kernel, verification and testing of critical subsystems
> for vulnerabilities, security improvements for build tools, and providing
> guidance for maintaining subsystem security.

Thanks for getting this rolling!

What are the next steps? Does it make sense to try to gather a list of
active projects to try and see where things currently stand? (i.e who
is actively running smatch, trinity, etc?) Or to call attention to a
specific subsystem that needs direct auditing (e.g. KVM)?

-Kees

-- 
Kees Cook
Chrome OS Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.