On Llu, 2005-01-17 at 07:40, John Richard Moser wrote: > On the same line, I've been graphing Ubuntu Linux Security Notices for a > while. I've noticed that in the last 5, the number of kernel-related > vulnerabilities has doubled (3 more). This disturbs me.
I've been monitoring the kernel security stuff for a long time too. There are several obvious trends and I think most are positive - Tools like coverity and sparse are significantly increasing the number of flaws found. In particular they are turning up long time flaws in code, but they also mean new flaws of that type are being found. People aren't really turning these tools onto user space - yet - - We get bursts of holes of a given type. If you plot things like "buffer overflow" "structure passed to user space not cleaned" "maths overflow check error" against time you'll see they show definite patterns with spikes decaying at different rates towards zero. There are also people other than Linus who read every single changeset. I do for one. Alan - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
