Security stuff

Corbet's picture

After updating the current conditions to reflect 2.6.25-rc4, I went into the security page and added some introductory text; I’ll probably do this with the other pages as well over time.

Security has been on my mind as a result of the somewhat embarrassing vmsplice() exploit. This vulnerability has renewed interest in various kinds of technical means for preventing vulnerabilities - stack smashing detection and the like. This is all good stuff, and we should have it. But much of that technology would not have helped in this case; the vmsplice() exploit was a subtle and complex thing.

This vulnerability was not a failure of the kernel’s anti-compromise technology. It was a failure of the review process which allowed code with obvious mistakes into the kernel. Review is the critical, limiting resource for a lot of free software projects, and the kernel is no exception. Reviewing code is hard and thankless work, but the process really does not work without it.