Date: Wed, 24 Nov 1999 10:41:07 -0500 From: Dan Moschuk <dan@FreeBSD.ORG> To: Mark Murray <mark@grondar.za> Cc: current@FreeBSD.ORG Subject: Re: FreeBSD security auditing project. Message-ID: <19991124104107.A264@spirit.jaded.net> In-Reply-To: <199911231905.VAA80946@gratis.grondar.za>; from mark@grondar.za on Tue, Nov 23, 1999 at 09:05:25PM %2B0200 References: <199911231905.VAA80946@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
| Hello FreebSD'ers! | | [ Apologies to committers, I have Bcc'ed you to ensure you got | this; you may get two copies. ] | | I have been charged with the duty of ensuring that FreeBSD gets a | security audit that has the credibility of OpenBSD's. | | Consider this to be a request-for-discussion that will head us over to | the actual work of getting it done. Great to hear that we are finally doing this. :-) | My proposals are pretty simple; | | 1) We need to eyeball _all_ of the code for potential security holes, | and fix those ASAP. | | 2) I propose that <WE> diff(1) FreeBSD with {Open|Net}BSD, and with a | security perspective apply those bits that look relevant and that will | work. Who nose - we may even pick up some useful featurez! I have a set up diff's that introduce OpenBSDs concept of random pids and source port (with a sysctl knob for you sequential weenies) that will have to be updated again before I commit them. -- Dan Moschuk (TFreak!dan@freebsd.org) "Cure for global warming: One giant heatsink and dual fans!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991124104107.A264>