=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.15 retrieving revision 1.16 diff -c -r1.15 -r1.16 *** www/security.html 1998/02/19 22:37:51 1.15 --- www/security.html 1998/02/19 22:41:42 1.16 *************** *** 45,57 **** these new flaws in mind.

! Our security auditing proces is a proactive one. In almost all cases ! we have found that exploitability is not an issue. We have fixed many ! simple and obvious careless programming errors in code and then only ! months later discovered that the problems were in fact exploitable. ! The proactive auditing process has really paid off. Statements like ! ``This problem was fixed in OpenBSD about 6 months ago'' have become ! commonplace in security forums like BUGTRAQ.

The auditing process is not over yet, and as you can see we continue --- 45,60 ---- these new flaws in mind.

! Another facet of our security auditing process is it's proactiveness. ! In almost all cases we have found that the determination of ! exploitability is not an issue. During our auditing process we find ! many bugs, and endeavor to simply fix them even though exploitability ! is not proven. We have fixed many simple and obvious careless ! programming errors in code and then only months later discovered that ! the problems were in fact exploitable. This proactive auditing ! process has really paid off. Statements like ``This problem was fixed ! in OpenBSD about 6 months ago'' have become commonplace in security ! forums like BUGTRAQ.

The auditing process is not over yet, and as you can see we continue *************** *** 97,103 ****

This site Copyright © 1996, 1997 OpenBSD.
! $OpenBSD: security.html,v 1.15 1998/02/19 22:37:51 deraadt Exp $ --- 100,106 ----
This site Copyright © 1996, 1997 OpenBSD.
! $OpenBSD: security.html,v 1.16 1998/02/19 22:41:42 deraadt Exp $