From owner-freebsd-hackers Fri Aug 9 06:23:22 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA08138 for hackers-outgoing; Fri, 9 Aug 1996 06:23:22 -0700 (PDT) Received: from atena.eurocontrol.fr (atena.uneec.eurocontrol.fr [147.196.69.10]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id GAA08132 for ; Fri, 9 Aug 1996 06:23:18 -0700 (PDT) Received: by atena.eurocontrol.fr; (5.65v3.2/1.3/10May95) id AA16074; Fri, 9 Aug 1996 15:23:15 +0200 Received: from mozart.eurocontrol.fr by eurocontrol.fr with ESMTP (1.37.109.16/16.2) id AA041146890; Fri, 9 Aug 1996 15:21:30 +0200 Message-Id: <199608091321.AA041146890@euro.eurocontrol.fr> Received: by mozart.eurocontrol.fr (1.37.109.16/16.2) id AA197976889; Fri, 9 Aug 1996 15:21:29 +0200 Date: Fri, 9 Aug 1996 15:21:29 +0200 From: ollivier.robert@eurocontrol.fr (Ollivier Robert) To: freebsd-hackers@FreeBSD.ORG (FreeBSD Hackers' list) Subject: List of OpenBSD changes X-Mailer: Mutt 0.38 Mime-Version: 1.0 Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk I'm sure we can integrate some of Theo's changes although it may be difficult. Is there anyone with a little time and both CVS tree to compare? ------- start of forwarded message ------- From: deraadt@theos.com (Theo de Raadt) Newsgroups: comp.unix.bsd.netbsd.misc Subject: List of OpenBSD changes Date: 08 Aug 1996 20:42:08 GMT Here's a list of machine-independent changes that OpenBSD has done of late. All NetBSD-current changes have been merged in. As well, many (if not most) FreeBSD userland changes have been merged in too. This list is updated and maintained on the main OpenBSD web page at http://www.OpenBSD.org The machine-dependent changes are maintained on the per-port pages, for example the i386 change list is maintained at http://www.OpenBSD.org/i386.html For brevity, these lists contain only MAJOR changes. There isn't any point in listing the 100+ buffer overflows in setuid programs which we've fixed... ---- Many many NetBSD PR's fixed (which NetBSD has not yet fixed) New curses library, including libform, libpanel and libmenu. a termlib library which understands termcap.db, needed for new curses. The FreeBSD ports subsystem was integrated and is usable by you! ipfilter for filtering dangerous packets better ELF support nlist() that understands ELF, ECOFF, and a.out, allowing non-a.out ports to use kvm utilies Verbatim integration of the GNU tools (using a wrapper Makefile) All the pieces needed for cross compilation are in the source tree. Some LKM support in the tree. ATAPI support (should work on all ISA busses) new scsi, md5, pkg_* commands Numerous security related fixes Kerberos and other crypto in the source tree that is exportable Solid YP master, server, and client capabilities. /dev/rnd -- source of random data In-kernel update(8) with an adaptive algorithm Some ddb improvements and extensions Numerous scsi fixes new system calls: rfork(), minherit(), poll(). select() that can handle any amount of file descriptors. kernfs extensions ATM support (support for one company's sparc & i386 cards available) Boot kernels with "-c" to edit/enable/disable device configuration tables pax as tar, gnutar is toast using AT&T awk, gawk is toast Even more security fixes. Accepts FreeBSD MD5 passwords in password maps, soon will be able to generate them too Linux ext2fs and BSD4.4 LFS support being worked on. Working ATAPI audio (and data) support for multiple architectures. terminfo database support. Fortran in the tree. The most secure rdist support anywhere. randomized port allocation in bind(), bindresvport(), and rresvport() -- security via unpredictability. Protection from the udp spamming and ftp bounce attacks. Significantly improved ftp daemon. Numerous more security policy and implimentation improvements (OpenBSD defaults to installing in a very secure mode) zlib (non-GPL'd gzip-compatible library) Newest version of ppp, vi, _POSIX_SAVED_IDS behaviour with permitted BSD extensions. Fixed long-standing vm swap-leak. FreeBSD malloc() that uses mmap() and is able to free unused memory. Numerous FreeBSD userland fixes and improvements incorporated. new rdisc Router Discovery daemon generic protection against the bind() takeover problem. at -f security fix. install now supports -C, -p, and -S flags. a real adduser program, which can even be used uninteractively. Like C2, lose setuid/setgid bits if owner/group changed by chown(). This is attached to a sysctl. partial protection against tcp SYN attacks. -- This space not left unintentionally unblank. deraadt@theos.com ------- end of forwarded message ------- -- Ollivier ROBERT -=- Eurocontrol EEC/TIS -=- Ollivier.Robert@eurocontrol.fr