Last week I completed the first draft of Part 1 of my book on Linux Security (chapters 1 through 4). I just got word that it’s been sent out for review, and expect to get them back in a few weeks. I’m nervous as hell about this review, mostly because it’s my first time writing a book.
Since I already had my hands in the tpe-lkm code yesterday, I decided to spend my lunch break coding a feature I’ve been meaning to add in for a while now.
I added a new ps extras feature. Since it doesn’t have to do with the “trusted path”, I added it to the “extras” in the configuration. It’s similar to grsecurity’s “Proc restrictions” where “the permissions of the /proc filesystem will be altered to enhance system security and privacy”. Basically, non-root users won’t be able to view the processes they don’t own.
I’ve discovered my first denial-of-service bug in the linux kernel. I’m a bit teary eyed, not because the bug was in my own code, but it marks the first bug I’ve found in linux kernel code.
Not worth of a CVE or anything, because I still haven’t declared the code stable, and I don’t imagine many people use this thing just yet. But in the interest of full disclosure, here is information about the bug.
In an attempt to keep myself motivated to blog on a semi-regular basis, I’m re-inventing my blog and starting completly from scratch.
I will be blogging about the book I am currently writing, the grsecurity kernel build system I am building, and the rogue-beret repo I will have online shortly.
Well, time for bed. Been sitting at this computer all evening. Have a good night!