is there a public roadmap or major WIP sub-projects?
i remember seeing issues raised on github or elsewhere with concerns regarding the security aspects of either some of the kernel architecture or implementation. are you guys planning on having formal audits? and how likely is it that major parts would need to change and set the momentum back?
Major projects at this time are orbtk, relibc, ion, and the cookbook.
There are a couple known security issues in the kernel regarding memory management.
One is that memory is granted in pages, so buffers passed to a scheme are over-mapped for the process handling it. You have to be root to handle a scheme, so it was not a high severity issue. The fix will be to copy to tail and end pages allocated to each context, so that it will not have access to extra data.
Another is that grants can be dropped by the owning process while in use by another process. This can lead to the re-allocation of said grants in the owning process, making memory accessible to the other users of the grant. More kernel work is needed to prevent schemes from leaking data in this manner.
i remember seeing issues raised on github or elsewhere with concerns regarding the security aspects of either some of the kernel architecture or implementation. are you guys planning on having formal audits? and how likely is it that major parts would need to change and set the momentum back?
https://gitlab.redox-os.org/redox-os/redox/issues?scope=all&...
some of these are 2 years old :/
i know these are all pretty vague questions, but i'm interested to hear about them nevertheless.