CAFAI Liens en Vrac
« I see security as being more of a nuisance for the upstream kernel
developers.  It's understandable, if someone makes a mistake, it can be
embarrassing, particularly when it gets into the news or has some
important impact.  It also lessens the image of Linux as being an
enterprise-ready OS if someone can write up an exploit to take over the
entire system in a matter of hours in some cases. »
=========================================================================================

Lire aussi :
Grsecurity Developer Spender's Feelings on the State of Linux Security
https://news.ycombinator.com/item?id=10518480


Kernel Self Protection Project
http://openwall.com/lists/kernel-hardening/2015/11/05/1

« I'm organizing a community of people to work on the various kernel
self-protection technologies (most of which are found in PaX and
Grsecurity). I'm building on the presentation I gave at Kernel Summit
where I sought to convince the other upstream Linux kernel developers
that security is more than fixing bugs, and that we need to bring in
proactive defenses:
http://lwn.net/Articles/662219/

This is especially highlighted by the Washington Post article today:
The kernel of the argument
Fast, flexible and free, Linux is taking over the online world. But there is growing unease about security weaknesses.
http://www.washingtonpost.com/sf/business/2015/11/05/net-of-insecurity-the-kernel-of-the-argument/

Between the companies that recognize the critical nature of this work,
and with Linux Foundation's Core Infrastructure Initiative happy to
start funding specific work in this area, I think we can really make a
dent.

Let's start the work. I've built some wiki pages around my slides,
where we can take notes, list examples, and coordinate:
http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project

http://kernsec.org/files/lss2015/giant-bags-of-mostly-water.pdf
(Permalink)