Matthew Garrett has a new blog post, on the topic of the need to improve Linux kernel security. Excerpt:
The model up until now has largely been “Fix security bugs as we find them”, an approach that fails on two levels:
1) Once we find them and fix them, there’s still a window between the fixed version being available and it actually being deployed
2) The forces of good may not be the first ones to find them
This reactive approach is fine for a world where it’s possible to push out software updates without having to perform extensive testing first, a world where the only people hunting for interesting kernel vulnerabilities are nice people. This isn’t that world, and this approach isn’t fine.