Date: Fri, 13 Aug 1999 18:29:20 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: imp@village.org (Warner Losh) Cc: avalon@coombs.anu.edu.au, gill@topsecret.net, tomb@securify.com, andrewr@slack.net, freebsd-security@FreeBSD.ORG Subject: Re: "Secure-FreeBSD" Idea Message-ID: <199908130829.SAA25334@cheops.anu.edu.au> In-Reply-To: <199908130714.BAA08901@harmony.village.org> from "Warner Losh" at Aug 13, 99 01:14:44 am
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Warner Losh, sie said: > > In message <199908130431.OAA23238@cheops.anu.edu.au> Darren Reed writes: > : NetBSD's primarily goal is stability and portability although they seem > : to discover new security problems more often than OpenBSD people do. By > : that I mean problems which involve more than program X having a new buffer > : overflow problem. > > Are you counting the hundreds of buffer overflows that OpenBSD fixed > to begin with? I've seen many many many more buffer overflows from > OpenBSD than from NetBSD. No, but then buffer overflows don't really interest me. They're not hard to find, fix or exploit. Nor are they `new'. OpenBSD's audit didn't find the recent profil(2) bug, which the NetBSD folks did. There are many types of security problems, and those OpenBSD have been addressing, whilst essential and very worthy, have been simple to spot and solve. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908130829.SAA25334>