Kernel.org
{{Short description|Main distribution point of Linux source code}}
{{Lowercase title}}
{{Infobox website
| name = kernel.org
| logo =
| screenshot = Kernel.org screenshot.png
| caption = kernel.org in December 2024
| url = {{URL|https://kernel.org/}}
| commercial = No
| type = Open source repository
| language = English
| ipv6 = Yes
| owner =
| current_status = Active
| revenue =
}}
kernel.org on the World Wide Web is the main distribution point of source code for the Linux kernel, which is the base of the Linux operating system.
The website and related infrastructure, which is operated by the Linux Kernel Organization,{{Cite web |date=2013-12-05 |title=The Linux Kernel Organization |url=https://www.kernel.org/category/about.html |access-date=2015-01-15 |website=Kernel.org |publisher=Linux Kernel Organization}} host the repositories that make all versions of the kernel's source code available to all users. The main purpose of kernel.org is to host repositories used by Linux kernel developers and maintainers of various Linux distributions. Additionally, it hosts various other projects or their mirrors, including the Linux Documentation Project (LDP) and CPAN.{{cite web |date=2014-09-02 |title=The Linux Kernel Archives - FAQ |url=https://www.kernel.org/category/faq.html |access-date=2015-01-16 |website=Kernel.org |publisher=Linux Kernel Organization}}{{cite web |date=2014-12-13 |title=Mirrors.kernel.org, a service of the Linux Kernel Archives |url=https://mirrors.kernel.org/ |access-date=2015-01-16 |website=Kernel.org |publisher=Linux Kernel Organization}}
Since August 2014, kernel.org provides additional security by mandating two-factor authentication for commits performed to hosted Git repositories that contain source code of the Linux kernel, with support for both soft tokens and hard tokens.{{cite web |author=Konstantin Ryabitsev |date=2014-08-18 |title=Linux Kernel Git Repositories Add 2-Factor Authentication |url=https://www.linuxfoundation.org/blog/linux-kernel-git-repositories-add-2-factor-authentication/ |url-status=dead |archive-url=https://web.archive.org/web/20180131082600/https://www.linuxfoundation.org/blog/linux-kernel-git-repositories-add-2-factor-authentication/ |archive-date=2018-01-31 |access-date=2014-08-22 |publisher=Linux.com}}
2011 security breach
On 28 August 2011, developers at kernel.org realized that there had been a major security breach. Intruders had gained root access to the system and added a trojan to the startup scripts. Developers reinstalled all the servers and investigated the origin of the attack.{{cite web|title=The cracking of kernel.org |date=2011-08-31 |publisher=The Linux Foundation |url=http://www.linuxfoundation.org/news-media/blogs/browse/2011/08/cracking-kernelorg |author=Jonathan Corbet |access-date=2011-11-08 |url-status=dead |archive-url=https://web.archive.org/web/20111029105944/http://www.linuxfoundation.org/news-media/blogs/browse/2011/08/cracking-kernelorg |archive-date=2011-10-29 }} It is likely, although not confirmed, that the kernel.org intrusion is related to the intrusions of LinuxFoundation.org and Linux.com websites that were determined shortly afterwards.{{cite web |url=http://heimic.net/2011/09/13/kernel-org-down-for-maintenance/ |title=Blog Archive » kernel.org down for maintenance? |publisher=Heimic |date=2011-09-13 |access-date=2014-03-02 |archive-url=https://web.archive.org/web/20110923203507/http://www.heimic.net/2011/09/13/kernel-org-down-for-maintenance/ |archive-date=2011-09-23 |url-status=dead }}{{cite web|url=https://mycottonsilk.wordpress.com/2011/09/16/kernel-org-is-down/|title=kernel.org is down!|date=16 September 2011}}
Git, a distributed and open-source source management system designed by Linus Torvalds to guarantee the integrity of the source code, is used to keep track of changes in the Linux source code. This and the fact that the source code is available to anyone and widely known makes any attempt to tamper with the source code fairly easy to detect and revert if required.{{Cite news|title=Kernel.org hacked, but Linux kernel safe thanks to git |author=Fahmida Y. Rashid |website=linuxfordevices.com |date=2011-09-01 |url=http://www.linuxfordevices.com/c/a/News/Kernelorg-hacked/ |access-date=2011-11-08 |archive-url=https://archive.today/20130127213718/http://www.linuxfordevices.com/c/a/News/Kernelorg-hacked/ |archive-date=2013-01-27 |url-status=dead }} All that makes kernel.org not the primary repository, but rather a distribution point of the kernel sources.
Kernel.org was back online by November 2011, with the exception of a few secondary services.{{cite web|title=Who rooted kernel.org servers two years ago, how did it happen, and why?|author=Dan Goodin|website=Ars Technica|date=2013-09-24|url=https://arstechnica.com/information-technology/2013/09/who-rooted-kernel-org-servers-two-years-ago-how-did-it-happen-and-why/|access-date=2018-01-30}} A 27 year old resident of Florida, US was arrested in 2016 for the attack.{{cite web|url=https://arstechnica.com/tech-policy/2016/09/feds-pin-brazen-kernel-org-intrusion-on-27-year-old-programmer/|title=Feds pin brazen kernel.org intrusion on 27-year-old programmer|website=Ars Technica}}
See also
- Linux kernel mailing list (LKML)
References
{{Reflist|30em}}
External links
- {{Official website|https://www.kernel.org/}}
{{Linux kernel}}