Linux Kernel Developers Considering a Kill Switch

May 13, 2026

With the rise of Linux vulnerabilities, the kernel developers are now considering adding a component that could help temporarily mitigate them… in the form of a kill switch.

Imagine you've just read about another nasty Linux vulnerability that's targeting machines all over the world. You don't want to leave your desktops or servers ripe for attack, but you're not sure what to do.

Then you remember that the Linux kernel developers added a kill switch, which will temporarily disable affected functions. You log in, run the kill switch, and breathe a bit easier until the patch is released.

That's what NVIDIA developer Sasha Levin has submitted to the kernel team. According to Levin's proposal, "For most users, the cost of 'this socket family stops working for the day' is much smaller than the cost of running a known vulnerable kernel until the fix lands."

Should a vulnerability be discovered, a user runs a command that instructs the kernel, via the securityfs interface, to stop using the affected function and return an error. The kill switch command would be used in conjunction with the function in question (such as AF_ALG, in the case of Copy Fail) to immediately disable it.

Such a feature would have been helpful with both Dirty Frag and Copy Fail.

The biggest issue with the kill switch is that, at least in its current proposed state, it would not be able to check first how disabling a function would affect the rest of the system. An admin could run the kill switch only to discover that something like, say, networking no longer functions.

Keep in mind the kill switch is under review, and there's no knowing if the kernel development team will merge it into the mainstream kernel. Suffice it to say, something needs to be done to better protect Linux against such vulnerabilities.
 
 
