Date: Tue, 14 Jan 2014 12:16:19 +0100 From: Julien Cigar <jcigar@ulb.ac.be> To: David Noel <david.i.noel@gmail.com> Cc: FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: Re: Exploit Mitigation Techniques: an Update After 10 Years (Theo de Raadt) Message-ID: <20140114111619.GC1672@mordor.lan> In-Reply-To: <CAHAXwYC8ScSRyGHSG0gzVG=YYfoSrVbJJ6afSZzhZEOa4L5_SQ@mail.gmail.com> References: <CAHAXwYC8ScSRyGHSG0gzVG=YYfoSrVbJJ6afSZzhZEOa4L5_SQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
http://www.itwire.com/business-it-news/open-source/62728-mckusick-denies-freebsd-lagging-on-security On Tue, Jan 14, 2014 at 05:03:28AM -0600, David Noel wrote: > http://tech.yandex.ru/events/yagosti/ruBSD/talks/1487/ > > I found an interesting talk the other day by OpenBSD's Theo de Raadt > discussing the various exploit mitigation techniques used by OpenBSD. > After outlining them he spent a few minutes talking about their > adoption by other operating systems. He was particularly critical of > the FreeBSD project for either not incorporating these techniques or > for incorporating them, but disabling them by default. > > I'm not a systems developer so I have little basis for an opinion on > what he said. I was hoping someone here who was more knowledgeable in > that domain could chime in. Are the techniques he describes really the > cutting edge when it comes to operating system security? Again, I'm > not a systems guy, but I could see the value in the techniques he > described. On the other hand I could also see how things like address > space randomization could be dismissed as security through obscurity, > and stand as nothing more than a small roadblock one would have to > work around to compromise a system. > > If these techniques are not worth implementing, what are their main > criticisms? If they are as useful as Theo seems to believe, what > efforts are underway to incorporate them into FreeBSD? > > -David > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140114111619.GC1672>