Re: "Linux Kernel security demistified"

[Greg KH <greg () kroah com>]

On Mon, Oct 02, 2023 at 11:48:15AM +0400, Loganaden Velvindron wrote:
> On Mon, 2 Oct 2023 at 11:10, Greg KH <greg () kroah com> wrote:
> > On Sun, Oct 01, 2023 at 09:13:03PM +0200, Solar Designer wrote:
> > > There's also an upcoming Webinar:
> > >
> > > https://www.linuxfoundation.org/webinars/demystifying-the-linux-kernel-security-process
> > >
> > > > Demystifying the Linux Kernel Security Process
> > > > October 3, 2023 | 07:00 AM PDT (UTC-7)
> > > >
> > > > Join an interactive, complimentary Mentorship Session exploring
> > > > Demystifying the Linux Kernel Security Process with Greg Kroah-Hartman,
> > > > Kernel Maintainer & Fellow, The Linux Foundation
> > > >
> > > > There is a lot of misunderstanding about how the Linux kernel deals with
> > > > security vulnerabilities.  This talk will go into how the Linux kernel
> > > > security team works, how changes are propagated out to the public, and
> > > > how users must take advantage of these changes in order to have a secure
> > > > system.
> >
> > It's going to be much the same talk, with only minor tweaks as I forgot
> > some points I wanted to make in the first one.
> >
> > Thanks for the link to my slides and presentation, glad to see that
> > information get spread wider!
> It was a very insightful talk. However, I'm not sure whether companies
> would even be willing to start a conversation with an open source
> community without
> an NDA being signed.

Then those companies are not going to get very far, sorry.

We've been working this way for Linux for a very long time now, and it's
worked very well without any NDAs.  For good reasons, you never want to
sign one as it turns out to make the info you learn in them _more_
likely to leak, talk to a lawyer for all the fun details.

thanks,

greg k-h