LWN.net's Journal
Thursday, June 17th, 2021
Time | Event

12:58a | [$] LWN.net Weekly Edition for June 17, 2021
The LWN.net Weekly Edition for June 17, 2021 is available.

1:40p | Security updates for Thursday
Security updates have been issued by CentOS (gnupnp and postgresql), Fedora (dino, microcode_ctl, and xen), Mageia (apache, gsoap, libgd, openssh, perl-Image-ExifTool, python-bleach, and qt4 and qtsvg5), openSUSE (chromium, containerd, docker, runc, djvulibre, htmldoc, kernel, libjpeg-turbo, libopenmpt, libxml2, spice, squid, and ucode-intel), Red Hat (dhcp and glib2), SUSE (apache2, inn, java-1_8_0-openjdk, and webkit2gtk3), and Ubuntu (nettle).

6:17p | Supporting Miguel Ojeda’s Work on Rust in the Linux Kernel (Prossimo blog)
The Prossimo project has announced that it has contracted with Miguel Ojeda to work on Rust in the Linux kernel for the next year. Prossimo is a new name for the memory-safety projects being run by the Internet Security Research Group (ISRG), which is the organization behind the Let's Encrypt certificate authority (CA) project. Google provided the funds to enable Ojeda to work full-time on the project starting back in April.

The Linux kernel is at the heart of the modern Internet, from servers to client devices. It’s on the front line for processing network data and other forms of input. As such, vulnerabilities in the Linux kernel can have a wide-ranging impact, putting security and privacy for people, organizations, and devices at risk. Since it’s written largely in the C language, which is not memory-safe, memory safety vulnerabilities such as buffer overflows and use-after-frees are a constant concern. By making it possible to write parts of the Linux kernel in Rust, which is memory-safe, we can entirely eliminate memory safety vulnerabilities from certain components, such as drivers.

We have previously covered another Prossimo project, which provides funding for Rustls development, as well as Ojeda's work on Rust in the kernel.

6:47p | [$] Landlock (finally) sets sail
Kernel development is not for people who lack persistence; changes can take a number of revisions and a lot of time to make it into a mainline release. Even so, the story of the Landlock security module, developed by Mickaël Salaün, seems like an extreme case; this code was merged for 5.13 after more than five years of development and 34 versions of the patch set. This sandboxing mechanism has evolved considerably since LWN covered version 3 of the patch set in 2016, so a look at what Landlock has become is warranted.