Date: Sun, 16 Jul 2000 22:36:52 +0200 From: Joachim =?iso-8859-1?Q?Str=F6mbergson?= <watchman@ludd.luth.se> To: FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG>, Mark Murray <mark@grondar.za> Subject: Status of FreeBSD security work? Audit, regression and crypto swap? Message-ID: <39721CE4.A8E681E9@ludd.luth.se>
next in thread | raw e-mail | index | archive | help
Hi! If my memory serves me right, Mark Murray started off a thread in Current about douing security audits of FreeBSD. This was around November 1999. I was too busy to keep track, but it went up on my 'check it out'-list. Now I seem to have a bit more time off and decided to see if I could be of some help to somebody. I subscribed to this list (FreeBSD-security) a few weeks back and hanged back to see if I could fathom the status of work from what came through the mailpipe. So far I've seen lots of, in some way of perspective, interesting mails, but not that much that seemed to relate to secutity audits. (1) So, what's the status of the FreeBSD security audit? Anything that could need a hand? Some other questions very much related to security: (2) I took a look at the OpenBSD sources (looked or browed - superficial in any case). Judging by what I saw, it seems that OpenBSD as part of it's source have a whole bunch of test cases for regression run purposes. I don't know what they stress, but from my HW-experience, regression runs are a great way to improve system quality. I know I do a buildworld on a regular basis after cvsupping, but that does not stress the whole system by a long shot. So, has anybody looked at the regression stuff for OpenBSD? Anything for FreeBSD? How is the FreeBSD system tested normally by folks out there? Can we do better? (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos paper about crypto swap (and the stuff he found on his swap, among other things), I got interested in trying this out myself. Is anybody looking at this for FreeBSD? Would it be a good idea, anything of value for FreeBSD? Ok, lots of questions. If I have gone over the line, insulted anbody or missed the obvious, then I apologize right now. If so, please inform me by private email, but don't let me be the one causing the next 'DoS' in the maillist. ;-) -- Cheers! Joachim - Alltid i harmonisk svängning --- FairLight ------ FairLight ------ FairLight ------ FairLight --- Joachim Strömbergson ASIC SoC designer, nice to CUTE animals Phone: +46(0)31 - 27 98 47 Web: http://www.ludd.luth.se/~watchman --------------- Spamfodder: regeringen@regeringen.se --------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39721CE4.A8E681E9>