===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/35.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- www/35.html	2004/03/24 20:33:31	1.46
+++ www/35.html	2004/03/24 23:21:29	1.47
@@ -74,6 +74,7 @@
 <ul>
 <li><a href="http://www.openbsd.org/amd64.html">OpenBSD/amd64</a>
 <li><a href="http://www.openbsd.org/cats.html">OpenBSD/cats</a>
+<li><a href="http://www.openbsd.org/cats.html">OpenBSD/mvme88k</a>
 </ul>
 <p>
 
@@ -122,8 +123,12 @@
 <li> New functionality:
 <ul>
 <li>New ptm device (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pty&sektion=4">pty(4)</a>)
-that allows non-privileged processes to allocate a properly-permissioned pty. No more setuid(root)
-<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xterm&sektion=1">xterm(1)</a>!
+that allows non-privileged processes to allocate a properly-permissioned pty.<br>
+As a result any process can now open a pty easily, meaning
+<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xterm&sektion=1">xterm(1)</a>
+and 
+<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xconsole&sektion=1">xconsole(1)</a>
+are no longer setuid root.  (In 3.4 they were setuid root, but privilege revoking).
 <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=closefrom&sektion=2">closefrom(2)</a>
 system call has been added.
 <li>TCP MD5 signatures (used by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>
@@ -135,12 +140,12 @@
 <li>Interface 'cloning,' accessed by
 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ifconfig&sektion=8">ifconfig(8)</a>
 commands <em>create</em> and <em>destroy</em>. E.g. `ifconfig vlan100 create'.
-<li>The MAKEDEV(8) manual pages are now generated.
-<li>Complete rewrite of package tools in perl.
+<li>The MAKEDEV(8) manual pages are now generated, and hence, accurate.
+<li>Complete rewrite of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&sektion=1">package</a> tools in perl.
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a>
 now supports logging to memory buffers, to be read using 
 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogc&sektion=8">syslogc(8)</a>.
-This is useful for diskless devices.
+This is useful for diskless or flash-based computers.
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">IPsec</a> ESP in UDP encapsulation.
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">
 malloc(3)</a> randomization and guard pages. This helps to detect out-of-bounds
@@ -154,10 +159,11 @@
 </ul>
 <p>
 
-<li> Privilege separation added to allow complex operations to occur in an untrusted, unprivileged process:
+<li> Privilege separation added to allow complex operations to occur in an untrusted, unprivileged process, resulting in much greater security for the following processes:
 <ul>
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>
+(Previously privilege revoking, but this had a small breakage).
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflogd&sektion=8">pflogd(8)</a>
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a>
 </ul>
@@ -165,9 +171,9 @@
 
 <li> New tools:
 <ul>
-<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a>, monitoring hardware sensors,
-<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=procmap&sektion=1">procmap(1)</a>, examine a process' memory map,
-<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bgpd&sektion=8">bgpd(8)</a>, implementing the <a href="http://www.rfc-editor.org/rfc/rfc1771.txt">BGP-4</a> routing protocol,
+<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a>, monitoring hardware sensors.
+<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=procmap&sektion=1">procmap(1)</a>, to examine a process' memory map.
+<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bgpd&sektion=8">bgpd(8)</a>, implementing the <a href="http://www.rfc-editor.org/rfc/rfc1771.txt">BGP-4</a> routing protocol.
 <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkill&sektion=1">pkill(1)</a> and
 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pgrep&sektion=1">pgrep(1)</a>, finding or signalling processes by name.
 </ul>
@@ -540,7 +546,7 @@
 alt="OpenBSD"></a>
 <a href="mailto:www@openbsd.org">www@openbsd.org</a>
 <br><small>
-$OpenBSD: 35.html,v 1.46 2004/03/24 20:33:31 tedu Exp $
+$OpenBSD: 35.html,v 1.47 2004/03/24 23:21:29 deraadt Exp $
 </small>
 
 </body>
