From owner-freebsd-audit Wed Dec 1 12:56:23 1999 Delivered-To: freebsd-audit@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 85AB4151AA for ; Wed, 1 Dec 1999 12:55:18 -0800 (PST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id WAA22838; Wed, 1 Dec 1999 22:54:35 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <199912012054.WAA22838@gratis.grondar.za> To: Brad Knowles Cc: Warner Losh , tstromberg@rtci.com, freebsd-audit@FreeBSD.ORG Subject: Re: Where to start? Heres a few overflows. Date: Wed, 01 Dec 1999 22:54:34 +0200 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > As I recall, one of the goals that OpenBSD used in their audit > process was that they fixed bugs wherever they ran across them, > regardless of whether they believed they were exploitable. This has > protected them against a number of exploits that have since become > known, since the bug that someone is trying to exploit simply no > longer exists under OpenBSD. This is very valid, and most valuable. > Do we not want to employ the same kind of methodology, or have I > missed something here? Absolutely. Any bug fises are most welcome. > Also, what about the OpenBSD approach whereby security becomes > inherently integrated into the entire development process, as opposed > to something you try to add later? As long as it is not a silly thing like adding crypto to cat(1), that is fine. > Maybe I'm missing something, but it seems to me that the entire > audit project is doomed to ultimately fail if we can't ensure that > bugs, once fixed, remain that way. If we can train the committer-base on what to do (some style(9)-type debates come to mind), then we should be able to maintain it indefinitely. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message