===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -c -r1.55 -r1.56
*** www/innovations.html 2017/10/25 09:59:38 1.55
--- www/innovations.html 2017/10/25 10:10:55 1.56
***************
*** 28,81 ****
Programs and subsystems
! - ypbind(8),
! ypset(8),
! ypcat(1),
! ypmatch(1),
! ypwhich(1),
and libc support: Started by Theo de Raadt.
Imported April 26, 1993 and first released with NetBSD 0.9.
!
- ypserv(8):
Started by Mats O. Jansson in 1994.
Imported October 23, 1995 and first released with OpenBSD 2.0.
!
- mopd(8):
Started by Mats O. Jansson in 1993.
Imported September 21, 1996 and first released with OpenBSD 2.0.
- AnonCVS:
Designed and implemented by Chuck Cranor and Theo de Raadt in 1995
(paper,
slides)
!
- aucat(1):
Started by Kenneth Stailey.
Imported January 2, 1997 and first released with OpenBSD 2.1.
Now maintained by Alexandre Ratchov.
- OpenSSH
! including ssh(1),
! scp(1),
! sftp(1),
! ssh-add(1),
! ssh-agent(1),
! ssh-keygen(1),
! sshd(8),
! sftp-server(8):
Started by Aaron Campbell, Bob Beck, Dug Song, Markus Friedl,
Niels Provos, and Theo de Raadt
as a fork of SSH 1.2.12 by Tatu Ylonen.
Imported September 26, 1999 and first released with OpenBSD 2.6.
Now maintained by Markus Friedl, Damien Miller, Darren Tucker, and
Theo de Raadt.
!
- mg(1):
Started by Dave Conroy in November 1986.
Imported February 25, 2000 and first released with OpenBSD 2.7.
Now maintained by Mark Lumsden.
!
- m4(1):
Originally implemented by Ozan Yigit and Richard A. O'Keefe for 4.3BSD-Reno.
Considerably extended and maintained by Marc Espie since 1999.
!
- pf(4),
! pfctl(8),
! pflogd(8),
! authpf(8),
! ftp-proxy(8):
Started by Daniel Hartmeier
as a replacement for the non-free ipf by Darren Reed.
Imported June 24, 2001 and first released with OpenBSD 3.0.
--- 28,81 ----
Programs and subsystems
! - ypbind(8),
! ypset(8),
! ypcat(1),
! ypmatch(1),
! ypwhich(1),
and libc support: Started by Theo de Raadt.
Imported April 26, 1993 and first released with NetBSD 0.9.
!
- ypserv(8):
Started by Mats O. Jansson in 1994.
Imported October 23, 1995 and first released with OpenBSD 2.0.
!
- mopd(8):
Started by Mats O. Jansson in 1993.
Imported September 21, 1996 and first released with OpenBSD 2.0.
- AnonCVS:
Designed and implemented by Chuck Cranor and Theo de Raadt in 1995
(paper,
slides)
!
- aucat(1):
Started by Kenneth Stailey.
Imported January 2, 1997 and first released with OpenBSD 2.1.
Now maintained by Alexandre Ratchov.
- OpenSSH
! including ssh(1),
! scp(1),
! sftp(1),
! ssh-add(1),
! ssh-agent(1),
! ssh-keygen(1),
! sshd(8),
! sftp-server(8):
Started by Aaron Campbell, Bob Beck, Dug Song, Markus Friedl,
Niels Provos, and Theo de Raadt
as a fork of SSH 1.2.12 by Tatu Ylonen.
Imported September 26, 1999 and first released with OpenBSD 2.6.
Now maintained by Markus Friedl, Damien Miller, Darren Tucker, and
Theo de Raadt.
!
- mg(1):
Started by Dave Conroy in November 1986.
Imported February 25, 2000 and first released with OpenBSD 2.7.
Now maintained by Mark Lumsden.
!
- m4(1):
Originally implemented by Ozan Yigit and Richard A. O'Keefe for 4.3BSD-Reno.
Considerably extended and maintained by Marc Espie since 1999.
!
- pf(4),
! pfctl(8),
! pflogd(8),
! authpf(8),
! ftp-proxy(8):
Started by Daniel Hartmeier
as a replacement for the non-free ipf by Darren Reed.
Imported June 24, 2001 and first released with OpenBSD 3.0.
***************
*** 86,273 ****
Imported June 4, 2002 and first released with OpenBSD 3.2.
Deleted after OpenBSD 5.9 because
pledge(2) is even better.
!
- spamd(8):
Written by Bob Beck. Imported December 21, 2002 and first released with OpenBSD 3.3.
!
- dc(1):
Written and maintained by Otto Moerbeek.
Imported September 19, 2003 and first released with OpenBSD 3.5.
!
- bc(1):
Written and maintained by Otto Moerbeek.
Imported September 25, 2003 and first released with OpenBSD 3.5.
!
- sensorsd(8):
Started by Henning Brauer.
Imported September 24, 2003 and first released with OpenBSD 3.5.
Reworked by Constantine A. Murenin.
!
- pkg_add(1):
Written and maintained by Marc Espie.
Imported October 16, 2003 and first released with OpenBSD 3.5.
!
- carp(4):
Written by Mickey Shalayeff, Markus Friedl, Marco Pfatschbacher,
and Ryan McBride.
Imported October 17, 2003 and first released with OpenBSD 3.5.
- OpenBGPD
! including bgpd(8)
! and bgpctl(8):
Written and maintained by Henning Brauer and Claudio Jeker,
and also maintained by Peter Hessler.
Imported December 17, 2003 and first released with OpenBSD 3.5.
!
- dhclient(8):
Started by Ted Lemon and Elliot Poger in 1996.
Imported January 18, 2004 and first released with OpenBSD 3.5.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
!
- dhcpd(8):
Started by Ted Lemon in 1995.
Imported April 13, 2004 and first released with OpenBSD 3.6.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
!
- hotplugd(8):
Started by Alexander Yurchenko.
Imported May 30, 2004 and first released with OpenBSD 3.6.
- OpenNTPD
! including ntpd(8)
! and ntpctl(8):
Written and maintained by Henning Brauer.
Imported May 31, 2004 and first released with OpenBSD 3.6.
Portable version maintained by Brent Cook.
!
- dpb(1):
Started by Nikolay Sturm on August 10, 2004; first available for OpenBSD 3.6.
Rewritten and maintained by Marc Espie since August 20, 2010.
!
- ospfd(8),
! ospfctl(8):
Started by Esben Norby and Claudio Jeker.
Imported January 28, 2005 and first released with OpenBSD 3.7.
!
- ifstated(8):
Started by Marco Pfatschbacher and Ryan McBride.
Imported January 23, 2004 and first released with OpenBSD 3.8.
!
- bioctl(8):
Started by Marco Peereboom.
Imported March 29, 2005 and first released with OpenBSD 3.8.
!
- hostapd(8):
Written and maintained by Reyk Floeter.
Imported May 26, 2005 and first released with OpenBSD 3.8.
!
- watchdogd(8):
Started by Marc Balmer.
Imported August 8, 2005 and first released with OpenBSD 3.8.
!
- sdiff(1):
Written by Ray Lai.
Imported December 27, 2005 and first released with OpenBSD 3.9.
!
- dvmrpd(8),
! dvmrpctl(8):
Started by Esben Norby.
Imported June 1, 2006 and first released with OpenBSD 4.0.
!
- ripd(8),
! ripctl(8):
Started by Michele Marchetto.
Imported October 18, 2006 and first released with OpenBSD 4.1.
!
- pkg-config(1):
Started by Chris Kuethe and Marc Espie.
Imported November 27, 2006 and first released with OpenBSD 4.1.
Now maintained by Jasper Lievisse Adriaanse.
!
- relayd(8)
! with relayctl(8):
Started by Pierre-Yves Ritschard and Reyk Floeter.
Imported December 16, 2006 and first released with OpenBSD 4.1.
Now maintained by Reyk Floeter and Sebastian Benoit.
! - cwm(1):
Started by Marius
Aamodt Eriksen in 2004.
Imported April 27, 2007 and first released with OpenBSD 4.2.
Now maintained by Okan Demirmen.
Portable version
maintained by Leah Neukirchen.
!
- ospf6d(8),
! ospf6ctl(8):
Started by Esben Norby and Claudio Jeker.
Imported October 8, 2007 and first released with OpenBSD 4.2.
!
- libtool(1):
Written by Steven Mestdagh and Marc Espie.
Imported October 28, 2007 and first available for OpenBSD 4.3.
Now maintained by Marc Espie, Jasper Lievisse Adriaanse,
and Antoine Jacoutot.
!
- snmpd(8),
! snmpctl(8):
Started by Reyk Floeter.
Imported December 5, 2007 and first released with OpenBSD 4.3.
Maintained by Reyk Floeter and Bret Lambert.
!
- sysmerge(8):
Written and maintained by Antoine Jacoutot,
originally forked from mergemaster by Douglas Barton.
Imported April 22, 2008, first released with OpenBSD 4.4.
!
- ypldap(8):
Started by Pierre-Yves Ritschard.
Imported June 26, 2008 and first released with OpenBSD 4.4.
- OpenSMTPD
! including smtpd(8),
! smtpctl(8),
! makemap(8):
Started by Gilles Chehade.
Imported November 1, 2008 and first released with OpenBSD 4.6.
Now maintained by Gilles Chehade and Eric Faurot.
- tmux,
! tmux(1):
Started in 2007 and maintained by Nicholas Marriott.
Imported June 1, 2009, first released with OpenBSD 4.6.
!
- ldpd(8),
! ldpctl(8):
Started by Michele Marchetto.
Imported June 1, 2009 and first released with OpenBSD 4.6.
Now maintained by Claudio Jeker.
- mandoc
! including mandoc(1),
! man(1),
! apropos(1),
! makewhatis(8),
man.cgi(8):
Started by Kristaps Dzonsons in November 2008.
Imported April 6, 2009, first released with OpenBSD 4.8.
Now maintained by Ingo Schwarze.
!
- ldapd(8),
! ldapctl(8):
Written by Martin Hedenfalk.
Imported May 31, 2010 and first released with OpenBSD 4.8.
- OpenIKED
! including iked(8)
! and ikectl(8):
Started by Reyk Floeter.
Imported June 3, 2010 and first released with OpenBSD 4.8.
Now maintained by Reyk Floeter and Mike Belopuhov.
!
- iscsid(8),
! iscsictl(8):
Written and maintained by Claudio Jeker.
Imported September 24, 2010 and first released with OpenBSD 4.9.
!
- rc.d(8),
! rc.subr(8):
Written and maintained by Robert Nagy and Antoine Jacoutot.
Imported October 26, 2010 and first released with OpenBSD 4.9.
!
- tftpd(8):
Written and maintained by David Gwynne.
Imported March 2, 2012 and first released with OpenBSD 5.2.
!
- npppd(8),
! npppctl(8):
Started by Internet Initiative Japan Inc.
Imported January 11, 2010, first released with OpenBSD 5.3.
Maintained by YASUOKA Masahiko.
!
- ldomd(8),
! ldomctl(8):
Written and maintained by Mark Kettenis.
Imported October 26, 2012 and first released with OpenBSD 5.3.
!
- sndiod(8):
Written and maintained by Alexandre Ratchov.
Imported November 23, 2012 and first released with OpenBSD 5.3.
!
- cu(1):
Written and maintained by Nicholas Marriott.
Imported July 10, 2012 and first released with OpenBSD 5.4.
!
- identd(8):
Written and maintained by David Gwynne.
Imported March 18, 2013 and first released with OpenBSD 5.4.
!
- slowcgi(8):
Written and maintained by Florian Obser.
Imported May 23, 2013 and first released with OpenBSD 5.4.
!
- signify(1):
Written and maintained by Ted Unangst.
Imported December 31, 2013 and first released with OpenBSD 5.5.
!
- htpasswd(1):
Written and maintained by Florian Obser.
Imported March 17, 2014 and first released with OpenBSD 5.6.
- LibreSSL:
--- 86,273 ----
Imported June 4, 2002 and first released with OpenBSD 3.2.
Deleted after OpenBSD 5.9 because
pledge(2) is even better.
!
- spamd(8):
Written by Bob Beck. Imported December 21, 2002 and first released with OpenBSD 3.3.
!
- dc(1):
Written and maintained by Otto Moerbeek.
Imported September 19, 2003 and first released with OpenBSD 3.5.
!
- bc(1):
Written and maintained by Otto Moerbeek.
Imported September 25, 2003 and first released with OpenBSD 3.5.
!
- sensorsd(8):
Started by Henning Brauer.
Imported September 24, 2003 and first released with OpenBSD 3.5.
Reworked by Constantine A. Murenin.
!
- pkg_add(1):
Written and maintained by Marc Espie.
Imported October 16, 2003 and first released with OpenBSD 3.5.
!
- carp(4):
Written by Mickey Shalayeff, Markus Friedl, Marco Pfatschbacher,
and Ryan McBride.
Imported October 17, 2003 and first released with OpenBSD 3.5.
- OpenBGPD
! including bgpd(8)
! and bgpctl(8):
Written and maintained by Henning Brauer and Claudio Jeker,
and also maintained by Peter Hessler.
Imported December 17, 2003 and first released with OpenBSD 3.5.
!
- dhclient(8):
Started by Ted Lemon and Elliot Poger in 1996.
Imported January 18, 2004 and first released with OpenBSD 3.5.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
!
- dhcpd(8):
Started by Ted Lemon in 1995.
Imported April 13, 2004 and first released with OpenBSD 3.6.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
!
- hotplugd(8):
Started by Alexander Yurchenko.
Imported May 30, 2004 and first released with OpenBSD 3.6.
- OpenNTPD
! including ntpd(8)
! and ntpctl(8):
Written and maintained by Henning Brauer.
Imported May 31, 2004 and first released with OpenBSD 3.6.
Portable version maintained by Brent Cook.
!
- dpb(1):
Started by Nikolay Sturm on August 10, 2004; first available for OpenBSD 3.6.
Rewritten and maintained by Marc Espie since August 20, 2010.
!
- ospfd(8),
! ospfctl(8):
Started by Esben Norby and Claudio Jeker.
Imported January 28, 2005 and first released with OpenBSD 3.7.
!
- ifstated(8):
Started by Marco Pfatschbacher and Ryan McBride.
Imported January 23, 2004 and first released with OpenBSD 3.8.
!
- bioctl(8):
Started by Marco Peereboom.
Imported March 29, 2005 and first released with OpenBSD 3.8.
!
- hostapd(8):
Written and maintained by Reyk Floeter.
Imported May 26, 2005 and first released with OpenBSD 3.8.
!
- watchdogd(8):
Started by Marc Balmer.
Imported August 8, 2005 and first released with OpenBSD 3.8.
!
- sdiff(1):
Written by Ray Lai.
Imported December 27, 2005 and first released with OpenBSD 3.9.
!
- dvmrpd(8),
! dvmrpctl(8):
Started by Esben Norby.
Imported June 1, 2006 and first released with OpenBSD 4.0.
!
- ripd(8),
! ripctl(8):
Started by Michele Marchetto.
Imported October 18, 2006 and first released with OpenBSD 4.1.
!
- pkg-config(1):
Started by Chris Kuethe and Marc Espie.
Imported November 27, 2006 and first released with OpenBSD 4.1.
Now maintained by Jasper Lievisse Adriaanse.
!
- relayd(8)
! with relayctl(8):
Started by Pierre-Yves Ritschard and Reyk Floeter.
Imported December 16, 2006 and first released with OpenBSD 4.1.
Now maintained by Reyk Floeter and Sebastian Benoit.
! - cwm(1):
Started by Marius
Aamodt Eriksen in 2004.
Imported April 27, 2007 and first released with OpenBSD 4.2.
Now maintained by Okan Demirmen.
Portable version
maintained by Leah Neukirchen.
!
- ospf6d(8),
! ospf6ctl(8):
Started by Esben Norby and Claudio Jeker.
Imported October 8, 2007 and first released with OpenBSD 4.2.
!
- libtool(1):
Written by Steven Mestdagh and Marc Espie.
Imported October 28, 2007 and first available for OpenBSD 4.3.
Now maintained by Marc Espie, Jasper Lievisse Adriaanse,
and Antoine Jacoutot.
!
- snmpd(8),
! snmpctl(8):
Started by Reyk Floeter.
Imported December 5, 2007 and first released with OpenBSD 4.3.
Maintained by Reyk Floeter and Bret Lambert.
!
- sysmerge(8):
Written and maintained by Antoine Jacoutot,
originally forked from mergemaster by Douglas Barton.
Imported April 22, 2008, first released with OpenBSD 4.4.
!
- ypldap(8):
Started by Pierre-Yves Ritschard.
Imported June 26, 2008 and first released with OpenBSD 4.4.
- OpenSMTPD
! including smtpd(8),
! smtpctl(8),
! makemap(8):
Started by Gilles Chehade.
Imported November 1, 2008 and first released with OpenBSD 4.6.
Now maintained by Gilles Chehade and Eric Faurot.
- tmux,
! tmux(1):
Started in 2007 and maintained by Nicholas Marriott.
Imported June 1, 2009, first released with OpenBSD 4.6.
!
- ldpd(8),
! ldpctl(8):
Started by Michele Marchetto.
Imported June 1, 2009 and first released with OpenBSD 4.6.
Now maintained by Claudio Jeker.
- mandoc
! including mandoc(1),
! man(1),
! apropos(1),
! makewhatis(8),
man.cgi(8):
Started by Kristaps Dzonsons in November 2008.
Imported April 6, 2009, first released with OpenBSD 4.8.
Now maintained by Ingo Schwarze.
!
- ldapd(8),
! ldapctl(8):
Written by Martin Hedenfalk.
Imported May 31, 2010 and first released with OpenBSD 4.8.
- OpenIKED
! including iked(8)
! and ikectl(8):
Started by Reyk Floeter.
Imported June 3, 2010 and first released with OpenBSD 4.8.
Now maintained by Reyk Floeter and Mike Belopuhov.
!
- iscsid(8),
! iscsictl(8):
Written and maintained by Claudio Jeker.
Imported September 24, 2010 and first released with OpenBSD 4.9.
!
- rc.d(8),
! rc.subr(8):
Written and maintained by Robert Nagy and Antoine Jacoutot.
Imported October 26, 2010 and first released with OpenBSD 4.9.
!
- tftpd(8):
Written and maintained by David Gwynne.
Imported March 2, 2012 and first released with OpenBSD 5.2.
!
- npppd(8),
! npppctl(8):
Started by Internet Initiative Japan Inc.
Imported January 11, 2010, first released with OpenBSD 5.3.
Maintained by YASUOKA Masahiko.
!
- ldomd(8),
! ldomctl(8):
Written and maintained by Mark Kettenis.
Imported October 26, 2012 and first released with OpenBSD 5.3.
!
- sndiod(8):
Written and maintained by Alexandre Ratchov.
Imported November 23, 2012 and first released with OpenBSD 5.3.
!
- cu(1):
Written and maintained by Nicholas Marriott.
Imported July 10, 2012 and first released with OpenBSD 5.4.
!
- identd(8):
Written and maintained by David Gwynne.
Imported March 18, 2013 and first released with OpenBSD 5.4.
!
- slowcgi(8):
Written and maintained by Florian Obser.
Imported May 23, 2013 and first released with OpenBSD 5.4.
!
- signify(1):
Written and maintained by Ted Unangst.
Imported December 31, 2013 and first released with OpenBSD 5.5.
!
- htpasswd(1):
Written and maintained by Florian Obser.
Imported March 17, 2014 and first released with OpenBSD 5.6.
- LibreSSL:
***************
*** 275,306 ****
and Theo de Raadt on April 13, 2014, as a fork of OpenSSL 1.0.1g.
First released with OpenBSD 5.6.
Portable version maintained by Brent Cook.
!
- httpd(8):
Started by Reyk Floeter.
Imported July 12, 2014 and first released with OpenBSD 5.6.
Maintained by Reyk Floeter and Florian Obser.
!
- rcctl(8):
Written and maintained by Antoine Jacoutot.
Imported August 19, 2014 and first released with OpenBSD 5.7.
!
- file(1):
Rewritten from scratch and maintained by Nicholas Marriott.
Imported April 24, 2015 and first released with OpenBSD 5.8.
!
- doas(1):
Written and maintained by Ted Unangst.
Imported July 16, 2015 and first released with OpenBSD 5.8.
!
- radiusd(8):
Written and maintained by YASUOKA Masahiko.
Imported July 21, 2015 and first released with OpenBSD 5.8.
- eigrpd(8),
eigrpctl(8):
Written and maintained by Renato Westphal.
Imported October 2, 2015 and first released with OpenBSD 5.9.
!
- rebound(8):
Written and maintained by Ted Unangst.
Imported October 15, 2015 and first released with OpenBSD 5.9.
!
- vmm(4),
! vmd(8),
! vmctl(8):
Written and maintained by Mike Larkin and Reyk Floeter.
Imported November 13, 2015 and first released with OpenBSD 5.9.
- pdisk(8):
--- 275,306 ----
and Theo de Raadt on April 13, 2014, as a fork of OpenSSL 1.0.1g.
First released with OpenBSD 5.6.
Portable version maintained by Brent Cook.
!
- httpd(8):
Started by Reyk Floeter.
Imported July 12, 2014 and first released with OpenBSD 5.6.
Maintained by Reyk Floeter and Florian Obser.
!
- rcctl(8):
Written and maintained by Antoine Jacoutot.
Imported August 19, 2014 and first released with OpenBSD 5.7.
!
- file(1):
Rewritten from scratch and maintained by Nicholas Marriott.
Imported April 24, 2015 and first released with OpenBSD 5.8.
!
- doas(1):
Written and maintained by Ted Unangst.
Imported July 16, 2015 and first released with OpenBSD 5.8.
!
- radiusd(8):
Written and maintained by YASUOKA Masahiko.
Imported July 21, 2015 and first released with OpenBSD 5.8.
- eigrpd(8),
eigrpctl(8):
Written and maintained by Renato Westphal.
Imported October 2, 2015 and first released with OpenBSD 5.9.
!
- rebound(8):
Written and maintained by Ted Unangst.
Imported October 15, 2015 and first released with OpenBSD 5.9.
!
- vmm(4),
! vmd(8),
! vmctl(8):
Written and maintained by Mike Larkin and Reyk Floeter.
Imported November 13, 2015 and first released with OpenBSD 5.9.
- pdisk(8):
***************
*** 347,357 ****
Concepts
! - ipsec(4):
Started by John Ioannidis, Angelos D. Keromytis, Niels Provos, and
Niklas Hallqvist, imported February 20, 1997. OpenBSD was the first
free operating system to provide an IPSec stack.
!
- inet6(4):
First complete integration and adoption of IPv6 led by
"Itojun" (Dr. Junichiro Hagino) [WIDE/KAME], Craig Metz [NRL], and
Angelos D. Keromytis starting Jan 6, 1999.
--- 347,357 ----
Concepts
! - ipsec(4):
Started by John Ioannidis, Angelos D. Keromytis, Niels Provos, and
Niklas Hallqvist, imported February 20, 1997. OpenBSD was the first
free operating system to provide an IPSec stack.
!
- inet6(4):
First complete integration and adoption of IPv6 led by
"Itojun" (Dr. Junichiro Hagino) [WIDE/KAME], Craig Metz [NRL], and
Angelos D. Keromytis starting Jan 6, 1999.
***************
*** 363,405 ****
Niels Provos
and Markus Friedl in OpenSSH in March 2002, released with OpenBSD 3.2.
The concept is now used in many OpenBSD programs, for example
! bgpd(8),
! dhclient(8),
! dhcpd(8),
! dvmrpd(8),
! eigrpd(8),
! file(1),
! httpd(8),
! iked(8),
! ldapd(8),
! ldpd(8),
! mountd(8),
! npppd(8),
! ntpd(8),
! ospfd(8),
! ospf6d(8),
! pflogd(8),
! radiusd(8),
! relayd(8),
! ripd(8),
! script(1),
! smtpd(8),
! syslogd(8),
! tcpdump(8),
! tmux(1),
! xconsole(1),
! xdm(1),
! Xserver(1),
! ypldap(8),
! pkg_add(1),
etc.
- Privilege revocation:
Related to the work on privilege separation, some programs were refactored
to drop privileges while holding onto a tricky resource such as a raw socket,
reserved port, or modification-locked bpf(4) descriptor,
for example
! ping(8),
! traceroute(8),
etc.
- Stack protector: Developed since 2001 as "propolice" by Hiroaki Etoh.
Integrated, and implemented for additional hardware platforms,
--- 363,405 ----
Niels Provos
and Markus Friedl in OpenSSH in March 2002, released with OpenBSD 3.2.
The concept is now used in many OpenBSD programs, for example
! bgpd(8),
! dhclient(8),
! dhcpd(8),
! dvmrpd(8),
! eigrpd(8),
! file(1),
! httpd(8),
! iked(8),
! ldapd(8),
! ldpd(8),
! mountd(8),
! npppd(8),
! ntpd(8),
! ospfd(8),
! ospf6d(8),
! pflogd(8),
! radiusd(8),
! relayd(8),
! ripd(8),
! script(1),
! smtpd(8),
! syslogd(8),
! tcpdump(8),
! tmux(1),
! xconsole(1),
! xdm(1),
! Xserver(1),
! ypldap(8),
! pkg_add(1),
etc.
- Privilege revocation:
Related to the work on privilege separation, some programs were refactored
to drop privileges while holding onto a tricky resource such as a raw socket,
reserved port, or modification-locked bpf(4) descriptor,
for example
! ping(8),
! traceroute(8),
etc.
- Stack protector: Developed since 2001 as "propolice" by Hiroaki Etoh.
Integrated, and implemented for additional hardware platforms,
***************
*** 417,429 ****
in OpenBSD 3.4.
- ASLR: OpenBSD 3.4 was the first widely used operating system to
provide it by default.
!
- gcc-local(1)
__attribute__((__bounded__)) static analysis annotation
and checking mechanism:
Started by Anil Madhavapeddy on June 26, 2003
and ported to GCC 4 by Nicholas Marriott.
First released with OpenBSD 3.4.
!
- malloc(3)
randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst.
Reimplemented by Otto Moerbeek
for OpenBSD 4.4.
--- 417,429 ----
in OpenBSD 3.4.
- ASLR: OpenBSD 3.4 was the first widely used operating system to
provide it by default.
!
- gcc-local(1)
__attribute__((__bounded__)) static analysis annotation
and checking mechanism:
Started by Anil Madhavapeddy on June 26, 2003
and ported to GCC 4 by Nicholas Marriott.
First released with OpenBSD 3.4.
!
- malloc(3)
randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst.
Reimplemented by Otto Moerbeek
for OpenBSD 4.4.
***************
*** 464,470 ****
- Use of fork+exec in privilege separated programs. The strategy is to give
each process a fresh & unique address space for ASLR, stack protector -- as
protection against address space discovery attacks. Implemented first by
! Damien Miller (sshd(8) 2004), Claudio Jeker (bgpd(8), 2015), Eric Faurot (smtpd(8), 2016),
Rafael Zalamena (various, 2016), and others.
- trapsleds: Reduction of incidental NOP instructions/sequences in the
instruction stream which could be useful potentially for ROP attack methods
--- 464,472 ----
- Use of fork+exec in privilege separated programs. The strategy is to give
each process a fresh & unique address space for ASLR, stack protector -- as
protection against address space discovery attacks. Implemented first by
! Damien Miller (sshd(8) 2004),
! Claudio Jeker (bgpd(8), 2015),
! Eric Faurot (smtpd(8), 2016),
Rafael Zalamena (various, 2016), and others.
- trapsleds: Reduction of incidental NOP instructions/sequences in the
instruction stream which could be useful potentially for ROP attack methods
***************
*** 480,519 ****
Functions
! - arc4random(3):
David Mazieres, December 28, 1996, OpenBSD 2.1
!
- bcrypt(3):
Implemented by Niels Provos and David Mazieres
Imported February 13, 1997 and first released with OpenBSD 2.1.
!
- strlcpy(3),
! strlcat(3):
Todd Miller and Theo de Raadt, July 1, 1998, OpenBSD 2.4
!
- strtonum(3):
Ted Unangst, Todd Miller, and Theo de Raadt, May 3, 2004, OpenBSD 3.6
!
- imsg:
Message passing API, written by Henning Brauer.
In libutil since May 26, 2010, OpenBSD 4.8;
used by various daemons before that.
!
- timingsafe_bcmp(3):
Damien Miller, July 13, 2010, OpenBSD 4.9
!
- explicit_bzero(3):
Ted Unangst and Matthew Dempsky, January 22, 2014, OpenBSD 5.5
!
- ohash:
Written and maintained by Marc Espie.
In libutil since May 12, 2014, OpenBSD 5.6;
used by make(1) and m4(1) before that.
!
- asr:
Replacement resolver written and maintained by Eric Faurot.
Imported April 14, 2012; activated on March 26, 2014, OpenBSD 5.6.
!
- reallocarray(3):
Theo de Raadt and Ted Unangst, April 22, 2014, OpenBSD 5.6
!
- getentropy(2):
Matthew Dempsky and Theo de Raadt, June 13, 2014, OpenBSD 5.6
!
- sendsyslog(2):
Theo de Raadt, July 10, 2014, OpenBSD 5.6
!
- timingsafe_memcmp(3):
Matthew Dempsky, July 13, 2014, OpenBSD 5.6
!
- pledge(2):
Theo de Raadt, July 19, 2015, OpenBSD 5.9
- getpwnam_shadow(3),
getpwuid_shadow(3):
--- 482,521 ----
Functions
! - arc4random(3):
David Mazieres, December 28, 1996, OpenBSD 2.1
!
- bcrypt(3):
Implemented by Niels Provos and David Mazieres
Imported February 13, 1997 and first released with OpenBSD 2.1.
!
- strlcpy(3),
! strlcat(3):
Todd Miller and Theo de Raadt, July 1, 1998, OpenBSD 2.4
!
- strtonum(3):
Ted Unangst, Todd Miller, and Theo de Raadt, May 3, 2004, OpenBSD 3.6
!
- imsg:
Message passing API, written by Henning Brauer.
In libutil since May 26, 2010, OpenBSD 4.8;
used by various daemons before that.
!
- timingsafe_bcmp(3):
Damien Miller, July 13, 2010, OpenBSD 4.9
!
- explicit_bzero(3):
Ted Unangst and Matthew Dempsky, January 22, 2014, OpenBSD 5.5
!
- ohash:
Written and maintained by Marc Espie.
In libutil since May 12, 2014, OpenBSD 5.6;
used by make(1) and m4(1) before that.
!
- asr:
Replacement resolver written and maintained by Eric Faurot.
Imported April 14, 2012; activated on March 26, 2014, OpenBSD 5.6.
!
- reallocarray(3):
Theo de Raadt and Ted Unangst, April 22, 2014, OpenBSD 5.6
!
- getentropy(2):
Matthew Dempsky and Theo de Raadt, June 13, 2014, OpenBSD 5.6
!
- sendsyslog(2):
Theo de Raadt, July 10, 2014, OpenBSD 5.6
!
- timingsafe_memcmp(3):
Matthew Dempsky, July 13, 2014, OpenBSD 5.6
!
- pledge(2):
Theo de Raadt, July 19, 2015, OpenBSD 5.9
- getpwnam_shadow(3),
getpwuid_shadow(3):