Platinax: For EntrepreneursPlatinax Business ForumPlatinax Business NewsPlatinax Business DirectoryBusiness Blog
 
January 10, 2005

Linux security draws heated discussion

Link: Linux security draws heated discussion

Filed under: Security, Linux by brian_turner

On Friday, iSec reported in Linux kernel uselib() privilege elevation of a serious vulnerability, which sees local users able to gain root privileges via binary format loaders’ uselib() functions in Linux kernels 2.4 to 2.6.

Now Brad Spengler, of Linux Weekly News and the linux security development project GRSsecurity has launched a strong attack on the development of the Linux Security Modules development project.

In his LWN article grsecurity 2.1.0 and kernel vulnerabilities and Why doesn’t grsecurity use LSM?, he attacks what he sees as a narrow approach to security, and especially to what he sees as the critical failure of the LSM to tackle the very security issues it is designed to actually deal with.

This comes at a critical time when many businesses are now looking beyond Microsoft’s string of public failings on security issues to possible open source alternatives. And while open source has always suffered from a perception of being disorganised and lacking accountability from a business perpsective, the threat of current and future security problems already being compiled into the kernel may yet make companies think three times before investing in an IT framework on linux distros.

Until the row over security implementation on the linux kernel are addressed to the satisfaction of the linux developer community, it is hard to see how this latest development can instill business confidence in alternative options to Microsoft.





>> Discuss this story in the Platinax Business Forum

Add to Bookmarks:

  • ADD TO DEL.ICIO.US
  • ADD TO DIGG
  • ADD TO FURL
  • ADD TO NEWSVINE
  • ADD TO NETSCAPE
  • ADD TO REDDIT
  • ADD TO STUMBLEUPON
  • ADD TO TECHNORATI FAVORITES
  • ADD TO SQUIDOO
  • ADD TO WINDOWS LIVE
  • ADD TO YAHOO MYWEB
  • ADD TO GOOGLE
  • ADD TO SPURL
  •  


    Most recent news stories:


    Vodafone To Provide YouTube Service
    New Search Engine May Understand Plain English
    Hackers targeted ICANN
    NEC Warns on VoIP Spam
    China First to Launch 4G Standard
    Retailers Plan To Upgrade Networks
    Urban WiMax Providing Free London Service
    Europe leader in IPTV subscriptions
    Windows Mobile 6 Announced
    Amazon, TiVo Test New Movie Download Service


    Related posts to "Linux security draws heated discussion":


    Linux 2.6: few bugs
    IBM pushes Linux with $100 million
    Gentoo release and Linux repackages
    Open Enterprise Server beta released
    PalmSource buys into Linux for mobile devices

    No Comments »

    No comments yet.

    Leave a comment