Google and The Linux Foundation have reached an agreement to improve Linux security. The search engine will allocate funds to finance the work of two kernel developers to focus on tasks aimed at shielding the system.
Dan Lorenc, a Google software engineer, explained that for them, "security is always top of mind and we understand the critical role it plays to the sustainability of Open Source software". For this reason, they have decided to support the efforts made by Gustavo Silva and Nathan Chancellor, who are responsible for maintaining and improving kernel security.
Chancellor focuses on classifying and correcting errors found with the Clang / LLVM compilersand establishing continuous integration systems. "I hope that more and more people will start to use the LLVM compiler infrastructure project and contribute fixes to it and the kernel – it will go a long way towards improving Linux security for everyone," he said.
Silva is dedicated to eliminating various kinds of buffer overflows and fixing errors before hitting the mainline. He also proactively develops defense mechanisms that eliminate vulnerabilities. "We are working towards building a high-quality kernel that is reliable, robust, and more resistant to attack every time," he said.
The Linux Foundation has thanked the support received from Google and has extended it to the entire community. "We extend a special thanks to Google for underwriting Gustavo and Nathan's Linux kernel security development work along with a thank you to all the maintainers, developers, and organizations who have made the Linux kernel a collaborative global success ", mentioned David A. Wheeler.
Google is not the only organization helping to improve Linux security. Other companies that use this system also collaborate by making financial contributions. There is a specific group within the Open Source Security Foundation (OpenSS) in which discussion on this issue: Securing Critical Projects Working Group.
For more information, see the original post by The Linux Foundation.