Re: Fwd: Any user can panic OpenBSD machine

From: Jason Thorpe (thorpejat_private)
Date: Tue Jul 28 1998 - 10:51:12 PDT

Next message: der Mouse: "Re: EMERGENCY: new remote root exploit in UW imapd"

Previous message: David Maxwell: "Re: Fwd: Any user can panic OpenBSD machine"
Maybe in reply to: Michael Fuhr: "Fwd: Any user can panic OpenBSD machine"
Next in thread: Theo de Raadt: "Re: Fwd: Any user can panic OpenBSD machine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 27 Jul 1998 23:21:20 -0400
 "Perry E. Metzger" <perryat_private> wrote:

 > Personally, I find the constant claims that OpenBSD is more secure
 > than FreeBSD and NetBSD annoying. We all do extensive security
 > work. This is just another example of a fairly common situation -- in
 > which OpenBSD has a bug that other BSDs don't. Sometimes it is the
 > other way around, too, but you'd think from the propaganda that it was
 > always, or even usually, OpenBSD that was the most secure system.

I'd also like to point out that the OpenBSD "fix" for the problem is
incorrect.

It is now possible for the OpenBSD read and write system calls to return
garbage "bytes actually transfered" values.

Jason R. Thorpe                                       thorpejat_private
NASA Ames Research Center                            Home: +1 408 866 1912
NAS: M/S 258-5                                       Work: +1 650 604 0935
Moffett Field, CA 94035                             Pager: +1 650 940 5942

Next message: der Mouse: "Re: EMERGENCY: new remote root exploit in UW imapd"
Previous message: David Maxwell: "Re: Fwd: Any user can panic OpenBSD machine"
Maybe in reply to: Michael Fuhr: "Fwd: Any user can panic OpenBSD machine"
Next in thread: Theo de Raadt: "Re: Fwd: Any user can panic OpenBSD machine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:09:00 PDT