Security (was Re: Working with the UKUUG and LUUG)

Paul Civati paul at xciv.org
Sun Feb 27 18:33:07 GMT 2000


Brian Somers <brian at Awfulhak.org> wrote:

> > ./sendmail-exploits/8.6/freebsdmail.c
> > ./bsd-exploits/freebsd/FreeBSD-ppp.c
> 
> Hmm, I would suggest that some of these ``exploits'' are a bit old.  
> Ppp was a wonderful way of getting root up until almost 3 years ago...
> 
> Anybody got the time to go through all of these and disprove most/all 
> of them ?

It wasn't a challenge, the point was merely to open peoples eyes to
the kind of stuff that is "out there".  You can bet there is more
up to date stuff around, within certain circles.

It takes a lot of resources to do security seriously, which OpenBSD
have done.  Whereas I would say FreeBSD have used a similar amount
of resources in enhancing performance.

I'm very much for using the right tool for the job, and it's always
advantageous to recognise the weaknesses in the tools you're using,
as well as the advantages.

-Paul-





More information about the Ukfreebsd mailing list