Google Funds Linux Maintainers To Boost Linux Kernel Security
Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers’ efforts as full-time maintainers exclusively focused on improving Linux security.
“While there are thousands of Linux kernel developers, all of whom take security into consideration as the due course of their work, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the ongoing sustainability of open-source software,” the Linux Foundation said in a statement released today.
Gustavo Silva and Nathan Chancellor, the two kernel developers funded through this initiative will exclusively focus on Linux kernel security development.
Chancellor will triage and fix bugs in Clang/LLVM compilers. Silva will turn the elimination of several classes of buffer overflows into his full-time Linux development work.
Also Read: Key PDPA Amendments 2019/2020 You Should Know
“Additionally, [Silva] is actively focusing on fixing bugs before they hit the mainline, while also proactively developing defense mechanisms that cut off whole classes of vulnerabilities,” the Linux Foundation added.
“He is consistently one of the top five most active kernel developers since 2017” and he “has impacted 27 different stable trees, going all the way down to Linux v3.16.”
This initiative comes after the release of the 2020 FOSS Contributor Survey, authored by the Laboratory for Innovation Science at Harvard (LISH) and Open Source Security Foundation (OpenSSF).
The survey found that open-source software security requires more work due to its role as “a critical part of the modern economy.”
Over 20,000 Linux contributors have made more than one million commits since August 2020, with Linux kernel devs always considering code security.
Despite this, Google’s underwriting of two full-time Linux security maintainers further highlights the importance of security in open-source software.
“Ensuring the security of the Linux kernel is extremely important as it’s a critical part of modern computing and infrastructure. It requires us all to assist in any way we can to ensure that it is sustainably secure,” Linux Foundation’s Director of Open Source Supply Chain Security David A. Wheeler said.
Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service
“We extend a special thanks to Google for underwriting Gustavo and Nathan’s Linux kernel security development work along with a thank you to all the maintainers, developers and organizations who have made the Linux kernel a collaborative global success.”
0 Comments