Return to errata.html CVS log | Up to [local] / www |
version 1.543, 2006/01/05 05:34:07 | version 1.544, 2006/01/13 23:13:00 | ||
---|---|---|---|
|
|
||
<a name="vax"></a> | <a name="vax"></a> | ||
<ul> | <ul> | ||
<li><a name="i386machdep"></a> | |||
<font color="#009000"><strong>004: RELIABILITY FIX: January 13, 2006</strong></font> <i>i386 architecture</i><br> | |||
Constrain | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=i386_set_ioperm&arch=i386&sektion=2">i386_set_ioperm(2)</a> | |||
so even root is blocked from accessing the ioports | |||
unless the machine is running at lower securelevels or with an open X11 aperture. | |||
<br> | |||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/004_i386machdep.patch"> | |||
A source code patch exists which remedies this problem</a>.<br> | |||
<p> | |||
<li><a name="i386pmap"></a> | |||
<font color="#009000"><strong>003: RELIABILITY FIX: January 13, 2006</strong></font> <i>i386 architecture</i><br> | |||
Change the implimentation of i386 W^X so that the "execute line" can move around. | |||
Before it was limited to being either at 512MB (below which all code normally | |||
lands) or at the top of the stack. Now the line can float as | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mprotect&sektion=2">mprotect(2)</a> | |||
and | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mmap&sektion=2">mmap(2)</a> | |||
requests need it to. This is now implimented using only GDT selectors | |||
instead of the LDT so that it is more robust as well. | |||
<br> | |||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/003_i386pmap.patch"> | |||
A source code patch exists which remedies this problem</a>.<br> | |||
<p> | |||
<li><a name="fd"></a> | <li><a name="fd"></a> | ||
<font color="#009000"><strong>002: SECURITY FIX: January 5, 2006</strong></font> <i>All architectures</i><br> | <font color="#009000"><strong>002: SECURITY FIX: January 5, 2006</strong></font> <i>All architectures</i><br> | ||
Do not allow users to trick suid programs into re-opening files via /dev/fd. | Do not allow users to trick suid programs into re-opening files via /dev/fd. |