Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Nov 1999 10:41:07 -0500
From:      Dan Moschuk <dan@FreeBSD.ORG>
To:        Mark Murray <mark@grondar.za>
Cc:        current@FreeBSD.ORG
Subject:   Re: FreeBSD security auditing project.
Message-ID:  <19991124104107.A264@spirit.jaded.net>
In-Reply-To: <199911231905.VAA80946@gratis.grondar.za>; from mark@grondar.za on Tue, Nov 23, 1999 at 09:05:25PM %2B0200
References:  <199911231905.VAA80946@gratis.grondar.za>

next in thread | previous in thread | raw e-mail | index | archive | help

| Hello FreebSD'ers!
| 
| [ Apologies to committers, I have Bcc'ed you to ensure you got
|   this; you may get two copies. ]
| 
| I have been charged with the duty of ensuring that FreeBSD gets a
| security audit that has the credibility of OpenBSD's.
| 
| Consider this to be a request-for-discussion that will head us over to
| the actual work of getting it done.

Great to hear that we are finally doing this. :-)

| My proposals are pretty simple;
| 
| 1) We need to eyeball _all_ of the code for potential security holes,
| and fix those ASAP.
| 
| 2) I propose that <WE> diff(1) FreeBSD with {Open|Net}BSD, and with a
| security perspective apply those bits that look relevant and that will
| work. Who nose - we may even pick up some useful featurez!

I have a set up diff's that introduce OpenBSDs concept of random pids and
source port (with a sysctl knob for you sequential weenies) that will have
to be updated again before I commit them.

-- 
Dan Moschuk (TFreak!dan@freebsd.org)
"Cure for global warming: One giant heatsink and dual fans!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991124104107.A264>