Date: Fri, 13 Aug 1999 09:07:28 -0600 From: Warner Losh <imp@village.org> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: gill@topsecret.net, tomb@securify.com, andrewr@slack.net, freebsd-security@FreeBSD.ORG Subject: Re: "Secure-FreeBSD" Idea Message-ID: <199908131507.JAA10483@harmony.village.org> In-Reply-To: Your message of "Fri, 13 Aug 1999 18:29:20 %2B1000." <199908130829.SAA25334@cheops.anu.edu.au> References: <199908130829.SAA25334@cheops.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199908130829.SAA25334@cheops.anu.edu.au> Darren Reed writes: : No, but then buffer overflows don't really interest me. They're not hard : to find, fix or exploit. Nor are they `new'. OpenBSD's audit didn't find : the recent profil(2) bug, which the NetBSD folks did. There are many other examples that the folks working on OpenBSD have done. Randomizing things (pids, socket endpoints, tcp and IP sequences, etc), killing races, etc are all things that were implemented early on in OpenBSD and the other BSDs have played catchup. NetBSD has also found some interesting problems, but to characterize the number and type of them as much greater than OpenBSD is disengenuous. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908131507.JAA10483>