BlackBerry Reveals How Priv Improves Security And Privacy

Status
Not open for further replies.

Liam Bulkley

Honorable
Apr 27, 2013
2
0
10,510
That 12million line figure is quite misleading. That includes ALL of the code in Linus' tree...the majority of which is drivers...that vast majority of which aren't installed on any particular system.
Likewise, that 100kloc figure for qnx is ONLY for the ukernel itself.
An apples to apples comparison would be to count the lines of code that get included for a PARTICULAR android device (so, after config but before make).
Also, with judicious use of seccomp, you can minimize the surface area that any particular app sees, and, as you point out, what's left can be dealt with via grsecurity.
Obviously, exploits will still be possible, but qnx itself isn't proven to be free of implementation flaws (sel4 is, I believe, still the only fully verified kernel).
 
Status
Not open for further replies.