[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Wanting opinions...
At 10:03 AM 6/19/2005 -0500, Gary Smithe wrote:
>Oh, and Theo has pissed off a bunch of people within the BSD
>community, too (namely FreeBSD). He just likes controversy.
If controversy means:
"As part of the recent "string cleaning", countless occurrences of strcpy,
strcat, sprintf, and vsprintf were replaced with bounded,
safer variants like, strlcpy, strlcat, snprintf, vsnprintf, and asprintf
(see OpenBSD man
pages (http://www.openbsd.org/cgi-bin/man.cgi) for details). In addition to
the ongoing source code auditing, OpenBSD contains
strong cryptography. More recently, several new technologies have been
integrated into the system, further increasing its security. As
of version 3.3, ProPolice has been enabled by default in GCC, providing
additional protection against stack smashing attacks. In
OpenBSD 3.4, this protection has been enabled in the kernel as well. W^X
(pronounced: "w x-or x") is a fine-grained memory
management scheme ensuring that memory is either writable, or executable,
but never both, providing yet another layer of protection
against buffer overflows. Privilege separation, privilege revocation, and
randomized loading of libraries also play an ever increasing
role in the security of the system." [http://en.wikipedia.org/wiki/OpenBSD]
I vote for controversy.
Lee
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.