Date:      Sun, 16 Jul 2000 15:08:38 -0700 (PDT)
From:      Kris Kennaway <kris@FreeBSD.org>
To:        Joachim Strömbergson <watchman@ludd.luth.se>
Cc:        FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG>, Mark Murray <mark@grondar.za>
Subject:   Re: Status of FreeBSD security work? Audit, regression and crypto swap?
Message-ID:  <Pine.BSF.4.21.0007161505260.85469-100000@freefall.freebsd.org>
In-Reply-To: <39721CE4.A8E681E9@ludd.luth.se>

On Sun, 16 Jul 2000, Joachim Strömbergson wrote:

> (1) So, what's the status of the FreeBSD security audit? Anything that
> could need a hand?

The mailing list is freebsd-audit - activity has dropped off
significantly, but there is still a lot to be done. Check the archives for
a list of outstanding problems. After 4.1-REL I'm going to try and
re-marshal the troops and get some activity happening again.

> Some other questions very much related to security:
>
> (2) I took a look at the OpenBSD sources (looked or browsed - superficial
> in any case). Judging by what I saw, it seems that OpenBSD as part of
> its source has a whole bunch of test cases for regression run
> purposes. I don't know what they stress, but from my HW-experience,
> regression runs are a great way to improve system quality. I know I do a
> buildworld on a regular basis after cvsupping, but that does not stress
> the whole system by a long shot. So, has anybody looked at the
> regression stuff for OpenBSD? Anything for FreeBSD? How is the FreeBSD
> system tested normally by folks out there? Can we do better?

Well, this isn't really related to security..and we don't have anything
formal in place. Your efforts would be appreciated though.

> (3) OpenBSD 2.7 introduced crypto swap. After reading through Mr. Provos'
> paper about crypto swap (and the stuff he found on his swap, among other
> things), I got interested in trying this out myself. Is anybody looking
> at this for FreeBSD? Would it be a good idea, anything of value for
> FreeBSD?

With some forthcoming changes by Poul-Henning Kamp it should be pretty
easy to do..though it likely won't be back-ported to 4.x.

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>


