Date: Wed, 24 Nov 1999 10:41:07 -0500 From: Dan Moschuk <dan@FreeBSD.ORG> To: Mark Murray <mark@grondar.za> Cc: current@FreeBSD.ORG Subject: Re: FreeBSD security auditing project. Message-ID: <19991124104107.A264@spirit.jaded.net> In-Reply-To: <199911231905.VAA80946@gratis.grondar.za>; from mark@grondar.za on Tue, Nov 23, 1999 at 09:05:25PM %2B0200 References: <199911231905.VAA80946@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
| Hello FreebSD'ers!
|
| [ Apologies to committers, I have Bcc'ed you to ensure you got
| this; you may get two copies. ]
|
| I have been charged with the duty of ensuring that FreeBSD gets a
| security audit that has the credibility of OpenBSD's.
|
| Consider this to be a request-for-discussion that will head us over to
| the actual work of getting it done.
Great to hear that we are finally doing this. :-)
| My proposals are pretty simple;
|
| 1) We need to eyeball _all_ of the code for potential security holes,
| and fix those ASAP.
|
| 2) I propose that <WE> diff(1) FreeBSD with {Open|Net}BSD, and with a
| security perspective apply those bits that look relevant and that will
| work. Who nose - we may even pick up some useful featurez!
I have a set up diff's that introduce OpenBSDs concept of random pids and
source port (with a sysctl knob for you sequential weenies) that will have
to be updated again before I commit them.
--
Dan Moschuk (TFreak!dan@freebsd.org)
"Cure for global warming: One giant heatsink and dual fans!"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991124104107.A264>