Date: Sun, 23 May 1999 20:46:48 +0930 (CST) From: Kris Kennaway <kkennawa@physics.adelaide.edu.au> To: sthaug@nethelp.no Cc: asmodai@wxs.nl, andreas@klemm.gtn.com, hackers@freebsd.org Subject: RE: security: what does OpenBSD have, that FreeBSD doesn't have. Message-ID: <Pine.OSF.4.10.9905232037320.11148-100000@mercury.physics.adelaide.edu.au> In-Reply-To: <14446.927449800@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 23 May 1999 sthaug@nethelp.no wrote: > > The OpenBSD team does a lot wrt auditing of the complete sourcetree, but > > then the question is: is this valid concern or is this pure paranoia. > > OpenBSD does a lot of valid changes but borders (and sometimes crosses thta > > border) on paranoia, wrt code. > > Given the number of postings to BUGTRAQ about array overflows and stack > smashing, I think it's relevant to ask whether it possible to be *too* > paranoid here. Personally, I think what the OpenBSD folks are doing is > very important. One of my plans is to merge all of these changes into our tree (along with all the other minor changes/manpage corrections, etc). Longer term, I'd like to work on porting some of their kernel code like randomized sin_port selection and TCP initial sequence numbering, probably hidden behind sysctl knobs (defaulting to off to keep people happy). Kris ----- "That suit's sharper than a page of Oscar Wilde witticisms that's been rolled up into a point, sprinkled with lemon juice and jabbed into someone's eye" "Wow, that's sharp!" - Ace Rimmer and the Cat, _Red Dwarf_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.9905232037320.11148-100000>