In Linux Version 4.19, Linux’s developers had to deal with a hardware security bug, an issue that was particuarly frustrating becasue it was someone else’s bug. But Linux creator Linus Torvalds hopes that such incidents will be less common in the future.
In the Linux development process, there is a two-week merge window for new code, then developers spend six to seven weeks looking for bugs. Usually, this process is not a big deal, Torvalds says. Most often, by the middle of the second week, bug-fixing ensues.
[ Go deeper at InfoWorld: How to start your own bug-bounty program. • Meet the modern software tester: Bug hunters profiled. • 17 tips for developing more-secure code. | Keep up with the hottest topics in programming with InfoWorld’s App Dev Report newsletter. ]
But Version 4.19’s hardware security issue arose in the middle of the merge window period. Thegood news, says Torvalds: Bugs lately have become more and more esoteric, impacting fewer and fewer cases. “I hoping we’re getting to the dregs of hardware security bugs and going forward, we’ll have much fewer of them.”
To read this article in full, please click here