tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

NetBSD 5.x security

I made some research and I found following issues on NetBSD 5.x / i386
in features described in security(8):


   a) Bug described in:
      still exists and made ASLR unusable (random crashes, frequently
      in applications linked with '-ltph').

   b) System built witch MKPIE doesn't work at all, init still panics,
      as described in:

   - I tested botch cases. Yes, this doesn't work.
2. SSP (Stack Smashing Protection) is disabled by default:

   (Interesting: looks like FreeBSD 8 has stack protection enabled by 

3. CVE-2009-2793 problem, described in: was fixed in Jan 2010
   but still isn't backported to stable branch, so any local user can
   cause panic on "stable" NetBSD 5.x installation (I test it). Is any
   backport planned?

Did I miss something? I'm curious to know, how looks current TODO for 
security in NetBSD: will be these issues fixed, or - maybe - some features 
will be removed from distribution (or from specific ports)? 

Piotr 'aniou' Meyer

Home | Main Index | Thread Index | Old Index