NetBSD 5.x security

To: tech-security%NetBSD.org@localhost
Subject: NetBSD 5.x security
From: Piotr Meyer <aniou%smutek.pl@localhost>
Date: Mon, 5 Apr 2010 22:14:04 +0200

I made some research and I found following issues on NetBSD 5.x / i386
in features described in security(8):

1. ASLR

   a) Bug described in: 
      http://mail-index.netbsd.org/netbsd-bugs/2009/08/12/msg012786.html
      still exists and made ASLR unusable (random crashes, frequently
      in applications linked with '-ltph').

   b) System built witch MKPIE doesn't work at all, init still panics,
      as described in:
      http://mail-index.netbsd.org/port-i386/2009/05/01/msg001339.html

   - I tested botch cases. Yes, this doesn't work.
      
2. SSP (Stack Smashing Protection) is disabled by default:
   http://mail-index.netbsd.org/current-users/2009/11/12/msg011206.html

   (Interesting: looks like FreeBSD 8 has stack protection enabled by 
    default: http://www.freebsd.org/releases/8.0R/relnotes.html)

3. CVE-2009-2793 problem, described in:
   http://seclists.org/fulldisclosure/2009/Sep/221 was fixed in Jan 2010
   but still isn't backported to stable branch, so any local user can
   cause panic on "stable" NetBSD 5.x installation (I test it). Is any
   backport planned?

Did I miss something? I'm curious to know, how looks current TODO for 
security in NetBSD: will be these issues fixed, or - maybe - some features 
will be removed from distribution (or from specific ports)? 

-- 
Piotr 'aniou' Meyer

Follow-Ups:
- Re: NetBSD 5.x security
  - From: Christos Zoulas

Prev by Date: Request for feedback on TCP security (IETF effort)
Next by Date: Re: NetBSD 5.x security
Previous by Thread: Request for feedback on TCP security (IETF effort)
Next by Thread: Re: NetBSD 5.x security
Indexes:

Home | Main Index | Thread Index | Old Index