Hacker News new | past | comments | ask | show | jobs | submit login

Those are all user space level mitigations so you don't need the kernel to implement them. So you are barking at the wrong group.



Those might be but microkernels, safe languages, interface correctness (pre/post-condition checks), and safe coordination schemes aren't: built from kernel up and proven since 70-80's to prevent/contain many issues that affect C-based monoliths like Linux. That they actively argue against using them despite decades of evidence they work says plenty about them. That they also advocate and use methods that haven't worked for decades in terms of predictability/reliability/security is final nail on the coffin.

People should keep barking given how much depends on the project now. Plus support alternatives that take better approaches to architecture like old EROS, MINIX 3 (reliability), or GenodeOS (security/reliability). Safe native approaches like security-enhanced Oberon System or JX Operating System would also kick butt. Each achieved certain robustness properties in mere years with small teams due to good design.

UNIX and Linux took decades to get usable, still give hackers MB of opportunities for kernel attacks, and still crash my systems on occasion. Meme: "Failure to learn the lessons of the past and apply them."


Separation kernels aren't, MLS likely works best with kernel cooperation (given Linux's large surface) and same with capabilities at least.

My point wasn't the specific proactive mitigations, but rather Linus' attitudes creating negative perceptions.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: