Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Apr 2018 19:15:16 +0300
From: Alexander Popov <>
Cc: Kees Cook <>, James Morris <>,
 "Serge E. Hallyn" <>, Brad Spengler
 <>, PaX Team <>
Subject: Linux Kernel Defence Map

Linux kernel security is a very complex area. It would be nice to have some
graphical representation of its current state. So I've created a Linux Kernel
Defence Map showing the relations between:
 - vulnerability classes / exploitation techniques,
 - kernel defences,
 - bug detection means.


N.B. The node connections don't mean "full mitigation". These connections
represent some kind of relation. So ideally, this map should help to navigate in
documentation and Linux kernel sources.

I wrote it in DOT language and generated the picture using GraphViz. So it is
very pleasant to maintain this map with git.

I would be grateful for any feedback.

Best regards,

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.