| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Mar 2015 21:11:27 +0000 From: Matthew Garrett <matthew.garrett@...ula.com> To: "david@...g.hm" <david@...g.hm> CC: "keescook@...omium.org" <keescook@...omium.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "james.l.morris@...cle.com" <james.l.morris@...cle.com>, "gnomes@...rguk.ukuu.org.uk" <gnomes@...rguk.ukuu.org.uk>, "serge@...lyn.com" <serge@...lyn.com>, "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>, "hpa@...or.com" <hpa@...or.com> Subject: Re: Trusted kernel patchset On Mon, 2015-03-16 at 13:35 -0700, David Lang wrote: > On Mon, 16 Mar 2015, Matthew Garrett wrote: > > That's one implementation. Another is the kernel being stored on > > non-volatile media. > > Anything that encourages deploying systems that can't be upgraded to fix bugs > that are discovered is a problem. > > This is an issue that the Internet of Things folks are just starting to notice, > and it's only going to get worse before it gets better. > > How do you patch bugs on your non-volitile media? What keeps that mechansim from > being abused. Nothing stops people from deploying kernels on non-volatile media right now. This doesn't change anything.
Powered by blists - more mailing lists