===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/35.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- www/35.html 2004/03/24 20:33:31 1.46
+++ www/35.html 2004/03/24 23:21:29 1.47
@@ -74,6 +74,7 @@
@@ -122,8 +123,12 @@
New functionality:
- New ptm device (see pty(4))
-that allows non-privileged processes to allocate a properly-permissioned pty. No more setuid(root)
-xterm(1)!
+that allows non-privileged processes to allocate a properly-permissioned pty.
+As a result any process can now open a pty easily, meaning
+xterm(1)
+and
+xconsole(1)
+are no longer setuid root. (In 3.4 they were setuid root, but privilege revoking).
- The closefrom(2)
system call has been added.
- TCP MD5 signatures (used by nc(1)
@@ -135,12 +140,12 @@
- Interface 'cloning,' accessed by
ifconfig(8)
commands create and destroy. E.g. `ifconfig vlan100 create'.
-
- The MAKEDEV(8) manual pages are now generated.
-
- Complete rewrite of package tools in perl.
+
- The MAKEDEV(8) manual pages are now generated, and hence, accurate.
+
- Complete rewrite of package tools in perl.
- syslogd(8)
now supports logging to memory buffers, to be read using
syslogc(8).
-This is useful for diskless devices.
+This is useful for diskless or flash-based computers.
- IPsec ESP in UDP encapsulation.
-
malloc(3) randomization and guard pages. This helps to detect out-of-bounds
@@ -154,10 +159,11 @@
-
Privilege separation added to allow complex operations to occur in an untrusted, unprivileged process:
+ Privilege separation added to allow complex operations to occur in an untrusted, unprivileged process, resulting in much greater security for the following processes:
@@ -165,9 +171,9 @@
New tools:
-- sensorsd(8), monitoring hardware sensors,
-
- procmap(1), examine a process' memory map,
-
- bgpd(8), implementing the BGP-4 routing protocol,
+
- sensorsd(8), monitoring hardware sensors.
+
- procmap(1), to examine a process' memory map.
+
- bgpd(8), implementing the BGP-4 routing protocol.
- pkill(1) and
pgrep(1), finding or signalling processes by name.
@@ -540,7 +546,7 @@
alt="OpenBSD">
www@openbsd.org
-$OpenBSD: 35.html,v 1.46 2004/03/24 20:33:31 tedu Exp $
+$OpenBSD: 35.html,v 1.47 2004/03/24 23:21:29 deraadt Exp $