Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Why is a deblobbed kernel mayb not up to date security-wise?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Tue Jun 30, 2015 12:47 am    Post subject: Why is a deblobbed kernel mayb not up to date security-wise? Reply with quote

When you emerge gentoo-sources there is a warning shown:
Code:
Deblobbed kernels may not be up-to-date security-wise as they depend on external scripts.

Can please somebody explain what external scripts this is about?

I think using a deblobbed kernel is beneficial security-wise since all code was (or could be) checked for backdoors from the NSA and the rest of the infamous gang?!
Can't instructions in blobs - like those for NICs - send everything not only to the destination but to our friends as well?
Back to top
View user's profile Send private message
The Doctor
Moderator
Moderator


Joined: 27 Jul 2010
Posts: 2574

PostPosted: Tue Jun 30, 2015 1:01 am    Post subject: Reply with quote

This is a duplicate and I can't find the original, but it is a good question.

Basically, the project is undermanned. This means that any security problems in the kernel are slower to be addressed than in the mainline kernel.

Not all the security problems come from third parties.
_________________
First things first, but not necessarily in that order.

Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Tue Jun 30, 2015 8:54 am    Post subject: Reply with quote

I guess you mean this: https://forums.gentoo.org/viewtopic-t-1008704-highlight-linuxlibre.html

So it's not as easy as just removing the blob (files/modules)? There has to be done much more?!
https://forums.gentoo.org/viewtopic-t-1008704-highlight-linuxlibre.html#7698478 -> That sound like just setting CONFIG_FIRMWARE_IN_KERNEL=n when doing make menuconfig will disable BLOBs, isn't it?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13831

PostPosted: Wed Jul 01, 2015 1:05 am    Post subject: Reply with quote

The Doctor wrote:
This is a duplicate and I can't find the original.
You may be thinking of Deblobbed kernel has security issues?.
Back to top
View user's profile Send private message
The Doctor
Moderator
Moderator


Joined: 27 Jul 2010
Posts: 2574

PostPosted: Wed Jul 01, 2015 1:07 am    Post subject: Reply with quote

Hu wrote:
The Doctor wrote:
This is a duplicate and I can't find the original.
You may be thinking of Deblobbed kernel has security issues?.
Indeed.
_________________
First things first, but not necessarily in that order.

Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum