Slashdot Mirror
Security Holes Draw Linux Developers' Ire
jd writes "In what looks to be a split that could potentially undermine efforts to assure people that Linux is secure and stable, the developers of the GRSecurity kit and RSBAC are getting increasingly angry over security holes in Linux and the design of the Linux Security Modules. LWN has published a short article by Brad Spengler, the guy behind GRSecurity and it has stoked up a fierce storm, with claims of critical patches being ignored, good security practices being ignored for political reasons, etc. Regardless of the merits of the case by either side, this needs to be aired and examined before it becomes more of a problem. Especially in light of the recent kernel vulnerability debated on Slashdot."
I've always found an uptime of more than a few months tends to mean that sysadmin skills are seriously lacking. Sure a few systems can run for years but most real world systems need patches and changes and proper testing means a "reboot test" just to verify that changes to the live system are in non volatile. If the system requirements for a system have changed in the last year and the box hasn't had a full test, then there is a major problem.
If I read you correctly you're saying that Linux's new-found popularity will cause lots of previously unknown security flaws to become evident. Do you believe either (a) Linux will ultimately have a similar number of security flaws as the Windows kernel, or (b) Linux will ultimately have a similar number of security flaws as Apache (an open-source, industry-leading application)?
What I'm getting at is: security through obscurity is largely regarded as flawed (outside military intelligence circles), and the open-source/free-software development model has - time and again - resulted in bugs being shallow (IIS is closed-source and buggy. Apache is open-source and - relatively - secure).
Everytime - everytime! - there's a security issue with Linux a troll pops up and says "ha! ha!" in their best Nelson Muntz voice: as if Linux was somehow perfect, but has now spectacularly fallen from grace. I don't know whether you're trolling as you don't really say much, and I found it difficult to understand much of what you did say, so my apologies if I'm way off base here, but...are you suggesting that Windows is "more secure than Linux", or what?
This is where the serious fun begins.
I wouldn't be surprised if Linux is less secure than the NT kernel. NT has much finer grained access control than Linux (although not if you include SELinux), and I haven't heard anything about kernel exploits in Windows for a while (although this may be because I haven't been paying attention). The problem with Windows is all of the cruft on top of the kernel that doesn't need to be run with administrator privileges, but is, and is full of security holes.
I am TheRaven on Soylent News
I know that it was meant that way, and I admit that it basically is right. What was irking me about the GP post was the general mindset: "Why do we need improved security and/or longer patch cycles if we just can use a workaround." Similar sentiments come up in other posts in this thread "Oh, it's just a DoS attack, there are worse things" "Oh, don't you have a firewall" etc.pp.
Either you aim for excellence or you don't. Getting this right is a pretty hard thing, but if you start making excuses and getting into workarounds you end up some years down where MS is today: A nightmare of workarounds and makeshift solutions barely held together with pieces of string and duct tape. They also started out with making a compromise here and a compromise there and saying "Oh, this won't matter much, let's do this later". You see where it got them.
Trying to get the code right is an important part of this. If you don't get it right the first time, fine, then review the code and patch it, but do it right. Not just one bug today, and another one of the same kind tomorrow, and the third the next week.
If someone knowledgeable is able to find a series of similar bugs in a widely used and widely reviewed piece of code like the Linux kernel in a couple if minutes and if bugs are mostly fixed in a piecemeal fashion getting us to the kernel security bug of the day (we are now almost at the kernel bug of the week already) the Linux community should say "Hey, could we do something better ?" instead of saying "Doesn't matter, use a workaround and there are worse vulnerabilities anyway, so what ?"
These kinds of security problems leave the door open for someone else to determine the future of Linux.
You've just handed Microsoft a huge Public Relations goodie that they can beat to death as definitive proof that Linux fails to promptly fix security bugs. And now it can be extended to a universal problem with all Open Source Software. And now everything is back to being Microsoft or Death.
Sure I exaggerate, but don't you think others will try to do the same?
I don't know if the guy from GRsecurity can be classified as an asshole or not. I have found a lot of people who do post security patches tend to be very arrogant buttholes, but I've never met the guy. So there's some room here to determine just who's the bitch now.
But if these are real security holes and have been around this long, we've lost a tremendous edge on what advantage Linux has been able to claim in the past. The door is open.
My guess is that the best candidate is going to be OpenBSD or one of the other BSD's. It wouldn't surprise me. As something goes mainstream, it's political fat starts to overwhelm it's technical agility. To prevent this you have to fight very hard. Feature Creep is one name for this phenomenon. It could be argued that Linux has become focused on providing new and interesting features over old and boring performance expectations. This is to be expected as more people start pressing for wish list features and begin to ignore the original problems of security and stability. If you've ever wanted to see this in action - watch Debian. People are bitching now that Debian Unstable should be the defacto distribution version today and just wave their hands in dismissal when someone complains about packages breaking in Unstable. Apparently they too have accepted inherent stability problems in lieu of stability.
This is dangerous for all organizations who do this. As the foundation is ignored, you will start to permit some really illusive bugs into the system.
Similar extensions can be found when comparing Debian's Stable to Mandrake et al. Debian tends to be much slower on new developments, but they have a very good track record for basic performance. Similarly OpenBSD has it's software/hardware limitations, but it's definitely secure.
And any arguements regarding the security of a system as installed from the distro-provider is pretty much BS. They have each decided to install towards a target audience. To expect to be able to execute an installation on an unprotected machine and have no security holes appear at any point in the process is more trouble than it's worth. The price of doing an installation behind a firewall is far lower and a waste of development resources.