===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/34.html,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- www/34.html 2003/09/04 04:28:18 1.3
+++ www/34.html 2003/09/04 04:52:08 1.4
@@ -85,14 +85,30 @@
A static bounds checker has been added to the compiler to perform basic
- checks on functions which accept buffers and sizes.
+ checks on functions which accept buffers and sizes. The checker aims to
+ find common mistakes in the use of library functions such as
+ strlcpy(3)
+ or sscanf(3)
+ without emitting any false positives. Running it over the source and ports
+ trees revealed over a hundred real bugs, which were fixed and submitted back
+ to the original authors where possible.
-
Privilege separation for syslogd was integrated.
+Privilege separation has been implemented for the syslog daemon, making it much
+ more robust against future errors. The child which listens to network traffic
+ now runs as a normal user and chroots itself, while the parent process tracks
+ the state of the child and performs privileged operations on its behalf.
Many unsafe string functions have been removed from the kernel and userland
- utilities.
+ utilities. This audit is one of the most comprehensive OpenBSD has ever done,
+ with thousands of occurrences of
+ strcpy(3) and
+ strcat(3)
+ being replaced with safer, bounded alternatives such as
+ strlcpy(3) and
+ strlcat(3).
+
Support for
@@ -103,8 +119,10 @@
Manual pages have been greatly cleaned up and improved.
-
Systrace support in the ports subsystem to aid in detecting misbehaving
- programs.
+The ports tree now supports building programs under
+ systrace(1),
+ preventing the possibility of applications harming the system at compile-time
+ via trojaned configuration scripts or otherwise.
More licenses fixes, including the removal of the advertising clause
@@ -439,7 +457,7 @@
alt="OpenBSD">
www@openbsd.org
-$OpenBSD: 34.html,v 1.3 2003/09/04 04:28:18 jason Exp $
+$OpenBSD: 34.html,v 1.4 2003/09/04 04:52:08 avsm Exp $