Additional Security in the Linux Kernel?
nyx asks: "Recently, I was looking for some way to improve security on my linux boxes. I found few linux patches like grsecurity, LIDS (now also as Linux Security Module), Medusa DS9.
I'm testing grsecurity (and it's ACLs) now and I'm quite satisfied with it, but I wonder, what are pros and cons of other solutions. Anybody tried them and can share his experience with us?"
Lock the door when you leave the computer room.
Je t'aime Stéphanie
It's obvious that the only answer to this question is for all kernel developers to stop all productive activities for one month in order to sit through long and boring security lectures in groups of 500. After this month linux will be fully compliant with the "trusted security initiative" and will be magically bug free. Until such time as another bug is discovered.
They who would give up an essential liberty for temporary security, deserve neither liberty nor security