Simplicity is a form of art...

Looking at the local Linux kernel privilege escalation
by Sven Vermeulen, post on Fri 17 May 2013

There has been a few posts already on the local Linux kernel privilege escalation, which has received the CVE-2013-2094 ID. arstechnica has a write-up with links to good resources on the Internet, but I definitely want to point readers to the explanation that Brad Spengler made on the vulnerability.

In …

Another Gentoo Hardened month has passed
by Sven Vermeulen, post on Thu 18 April 2013

Another month has passed, so time to mention again what we have all been doing lately ;-)

Toolchain

Version 4.8 of GCC is available in the tree, but currently masked. The package contains a fix needed to build hardened-sources, and a fix for the asan (address sanitizer). asan support in …