Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Ubuntu 11.10 now unsecure by default
From: Valdis.Kletnieks () vt edu
Date: Mon, 21 Nov 2011 08:02:00 -0500

On Mon, 21 Nov 2011 12:24:03 GMT, Darren Martyn said:

1) Read the latest kernels source over a long period of time, looking for
bugs and to get a better understanding of how it works on that level

Just keep in mind that you will never finish reading the kernel source, as it's
currently sitting at somewhere near 14M lines of code, and every 3 month
release window has more new lines added than any one person can review. Most of
the patches are posted ot the linux-kernel mailing list, which as a result
weighs in at around 450-600 pieces of mail every day.  Enjoy drinking from the
fire hose.

That's why the current arrangement of subsystem maintainers exists.

Doesn't mean that you can't review the important heavily used parts of the
kernel and learn something - that's probably only a quarter million lines of
code, and things like the VFS code don't change as fast as the drivers and
architecture code. I would reccomend reading Linux Device Drivers, 3rd Edition
(available online, just google for 'LDD3').  Note that the concepts still
apply, but due to the ever changing kernel API, sample code will probably not
compile without some reworking.

2) Build my own distro

More of same - though Linux From Scratch will at least teach you how it works.
But you'll go nuts trying to keep up to date on patches for all the components of
a system big enough to use day-to-day. (Have fun reviewing the patches and
then building OpenOffice or Firefox from source every time upstream releases
an update - and then there's all the code in xorg and Gnome/KDE, and....)

3) Write my own network manager based off the LORCON/MadWiFi drivers (using
PyLORCON bindings) for the GNOME interface to replace the not-reliable
"network manager" applet.

This one is probably the most achievable, and NetworkManager *is* a total
piece of barely-usable crud.  Do however keep in mind the following:

1) The MadWiFi drivers only work for Atheros chipsets, and a *lot* of boxes
have other wireless (lots of Intel chips out there, among other things).

2) MadWifi has been deprecated, and the wireless maintainer's advice is to use
the ath5k and ath9k drivers instead. If those two drivers don't work for your
Atheros, work with them to get the driver fixed - all the other Atheros users
out there will thank you.

3) You *really* want your userspace to be using the mac80211 interfaces instead,
so that they will work with non-Atheros cards as well.

Good luck...

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]