Date: Tue, 12 Aug 2003 13:31:49 +0200
From: "Simon L. Nielsen"
To: "Devon H. O'Dell"
Cc: security@freebsd.org
Subject: Re: realpath(3) et al
Message-ID: <20030812113147.GA1022@FreeBSD.org>
In-Reply-To: <003501c360b0$6dad9970$9f8d2ed5@internal>
References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal>

On 2003.08.12 11:02:16 +0200, Devon H. O'Dell wrote:

> Is there a list of these bugs available anywhere? If not, what software is
> recommended to import, keep track of, and document these bugs?

The audit fixes from OpenBSD? I have no idea if they keep track of them in
some special way, but I think that integrating them will require a lot of
looking at CVS commit logs and comparing code.

> Features such as a protected stack should, IMO, be implemented as soon as
> possible to keep FreeBSD heads-afloat right now in the security sense....
> OpenBSD has implemented this already and there are many patches for Linux to
> do the same... why don't we go ahead and shove some of this code into CVS?

This is a different issue which I don't think should be mixed with general
auditing, since it's far from a trivial change to support this (at least
so I heard - I haven't looked into it, and I have no plans to do so).

-- 
Simon L. Nielsen
FreeBSD Documentation Team