Date: Tue, 12 Aug 2003 13:31:49 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: "Devon H. O'Dell" <dodell@sitetronics.com> Cc: security@freebsd.org Subject: Re: realpath(3) et al Message-ID: <20030812113147.GA1022@FreeBSD.org> In-Reply-To: <003501c360b0$6dad9970$9f8d2ed5@internal> References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal>
next in thread | previous in thread | raw e-mail | index | archive | help
--0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.08.12 11:02:16 +0200, Devon H. O'Dell wrote: > Is there a list of these bugs available anywhere? If not, what software is > recommended to import, keep track of, and document these bugs? The audit fixes from OpenBSD? I have no idea if they keep track of them in some special way, but I think that integrating whem will require a lot of looking at CVS commit logs and comparing code. > Features such as a protected stack should, IMO, be implemented as soon as > possible to keep FreeBSD heads-afloat right now in the security sense.... > OpenBSD has implemented this already and there are many patches for Linux= to > do the same... why don't we go ahead and shove some of this code into CVS? This is a different issue which I don't think should be mixed with general auditing, since it's far from a trivial change to support this (at least so I heard - I haven't looked into it, and I have no plans to do so). --=20 Simon L. Nielsen FreeBSD Documentation Team --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/ONAjh9pcDSc1mlERAlaYAKCHrsnC6u3GGlspYJJIOoL6hyGUaACfQ97j zPPjx0qw2INamMeTOKDmeYk= =cBiW -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030812113147.GA1022>