Security Projects - Results from #54 | LinuxSecurity.com

Security Projects

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Security Projects News

Open Source Community Shifts Left With OpenSSF, Google SLSA

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security is becoming an increasingly key piece of the open source puzzle amid industry-wide pushes to shift left and integrate security during early stages of application development. The Linux Foundation’s Open Source Security Foundation (OpenSSF), which encompasses Google’s Supply chain Levels for Software Artifacts (SLSA), is one example of how the open source community is working to improve software security through an ecosystem approach, vying for proactive handling of security by default.

Linux Foundation raises $10M to support open-source security project

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Linux Foundation has raised $10 million in new investments to expand and support its Open Source Security Foundation project. “This industrywide commitment is answering the call from the White House to raise the baseline for our collective cybersecurity well-being, as well as ‘paying it forward’ to open source communities to help them create secure software from which we all benefit,” Jim Zemlin, executive director at the Linux Foundation, said in a statement.  “With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.”

"pkill_on_warn" Proposed For Killing Linux Processes That Cause A Kernel Warning

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security researcher and Linux kernel contributor Alexander Popov has proposed a new kernel option called "pkill_on_warn" that would kill all threads in a process if that process provoked a kernel warning. This wouldn't change the default kernel behavior but if/when the patch is merged, booting the kernel with pkill_on_warn=1 would enable this new behavior to kill processes causing kernel warnings.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.