Date: Tue, 11 Feb 1997 19:14:52 +0100 From: Eivind Eklund <eivind@dimaga.com> To: Warner Losh <imp@village.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Increasing overall security.... Message-ID: <3.0.32.19970211191451.00b80ec0@dimaga.com>
next in thread | raw e-mail | index | archive | help
At 08:40 AM 2/11/97 -0700, Warner Losh wrote: >Keep in mind, as was recently pointed out to me, that just bringing in >the OpenBSD patches will not make FreeBSD secure. For that a top to >bottom audit of code running at elevated priviledge must be >completed. The patches will tend to make FreeBSD more secure, but you >won't know until after you've audited if you've grabbed everything or >not. You won't ever know. I do not believe FreeBSD (or any other major OS written in C) will ever be 100% secure - there are too many pitfalls, and too easy to write unsafe code. However, we can always strive towards it, and removing just *one* more of the easy breakins make it just that little bit harder for the hackers. A nice thing I've been noticing lately is that when I do security audits for selected parts of the 2.1.6 code and find exploits, they tend to be fixed in -current already. That at least show that the obvious stuff is going away. Eivind Eklund perhaps@yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19970211191451.00b80ec0>