Re: thoughts on kernel security issues

From: Florian Weimer
Date: Thu Jan 13 2005 - 13:03:13 EST

Next message: Nish Aravamudan: "Re: Kernel conector. Reincarnation #1."
Previous message: Paul E. McKenney: "Re: [PATCH] fs: Restore files_lock and set_fs_root exports"
In reply to: Alan Cox: "Re: thoughts on kernel security issues"
Next in thread: Marek Habersack: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Alan Cox:

> We cannot do this without the reporters permission. Often we get
> material that even the list isn't allowed to directly see only by
> contacting the relevant bodies directly as well. The list then just
> serves as a "foo should have told you about issue X" notification.
>
> If you are setting up the list also make sure its entirely encrypted
> after the previous sniffing incident.

Others have had made good use of symmetric encryption with OpenPGP
(the CAST5 cipher seems most interoperable). New symmetric keys are
distributed twice per year, using the participants OpenPGP public
keys.

(There are also various implementations of reencrypting mailing lists,
but they cannot ensure end-to-end encryption.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nish Aravamudan: "Re: Kernel conector. Reincarnation #1."
Previous message: Paul E. McKenney: "Re: [PATCH] fs: Restore files_lock and set_fs_root exports"
In reply to: Alan Cox: "Re: thoughts on kernel security issues"
Next in thread: Marek Habersack: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]