Return to security.html CVS log

Up to [local] / www

Annotation of www/security.html, Revision 1.12

1.1       deraadt     1: <!DOCTYPE HTML PUBLIC  "-//IETF//DTD HTML Strict//EN">
                      2: <html>
                      3: <head>
                      4: <title>OpenBSD</title>
                      5: <link rev=made href=mailto:www@openbsd.org>
                      6: <meta name="resource-type" content="document">
                      7: <meta name="description" content="OpenBSD advisories">
                      8: <meta name="keywords" content="openbsd,main">
                      9: <meta name="distribution" content="global">
                     10: <meta name="copyright" content="This document copyright 1997 by OpenBSD.">
                     11: </head>
                     12:
                     13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
                     14:
1.2       deraadt    15: <img alt="[OpenBSD]" SRC="/images/smalltitle.gif">
1.1       deraadt    16:
1.2       deraadt    17: <p>
1.12    ! deraadt    18: <h3><font color=#e00000><strong>OpenBSD Security Views</strong></font></h3>
        !            19: OpenBSD believes very strongly in strong security.  We believe that we are
        !            20: NUMBER ONE in the industry at the moment.  Due to our open software
        !            21: development model, we are able to take a more uncompromising view towards
        !            22: increasing security than Sun, SGI, IBM, HP, or other vendors are able to.
        !            23:
        !            24: <p>
        !            25: Our security auditing team typically has between six and twelve
        !            26: members, and most of us continually search for and fix security holes.
        !            27: We have been auditing for approximately two years.  The process we
        !            28: followed to increase security was simply a comprehensive file-by-file
        !            29: analysis of every critical software component.  Flaws were found in
        !            30: just about every area of the system.  Entire new classes of security
        !            31: problems were found while we were doing the audit, and in many cases
        !            32: source code which had been audited earlier had to be re-audited with
        !            33: these new flaws in mind.
        !            34:
        !            35: <p>
        !            36: The process is not over yet, and as you can see we continue to find and
        !            37: fix new security flaws.
        !            38:
        !            39: <p>
        !            40: <h3><font color=#e00000><strong>OpenBSD 2.1 Security Advisories</strong></font></h3>
1.11      deraadt    41: These are the OpenBSD 2.1 advisories.  All these problems are solved
                     42: in OpenBSD 2.2.  Some of these problems still exist in other
1.1       deraadt    43: operating systems.
                     44:
                     45: <ul>
1.11      deraadt    46: <li><a href=rfork>Rfork() system call flaw (patch included)</a>
                     47: <li><a href=procfs>Procfs flaws (patch included)</a>
                     48: <li><a href=signals>Deviant Signals (patch included)</a>
1.9       deraadt    49: </ul>
                     50:
                     51: <p>
1.12    ! deraadt    52: <h3><font color=#e00000><strong>OpenBSD 2.2 Security Advisories</strong></font></h3>
1.11      deraadt    53: These are the OpenBSD 2.2 advisories.  All these problems are
1.9       deraadt    54: solved in OpenBSD current.  Some of these problems still exist in other
1.11      deraadt    55: operating systems.  Patches are provided
1.9       deraadt    56:
                     57: <ul>
1.11      deraadt    58: <li><a href=/errata.html#f00f>Intel P5 f00f lockup (patch included)</a>
                     59: <li><a href=/errata.html#sourceroute>
                     60:        Sourcerouted Packet Acceptance (patch included)</a>
                     61: <li><a href=/errata.html#ruserok>Setuid coredump & Ruserok() flaw (patch included)</a>
                     62: <li><a href=/errata.html#mmap>Read-write mmap() flaw (patch included)</a>
1.1       deraadt    63: </ul>
                     64:
1.9       deraadt    65: <p>
1.12    ! deraadt    66: <h3><font color=#e00000><strong>Other Resources</strong></font></h3>
1.3       deraadt    67: Other security advisories that have (in the past) affected OpenBSD can
1.4       deraadt    68: be found at the <a href=http://www.secnet.com/nav1.html>Secure Networks archive</a>.
1.3       deraadt    69:
1.5       deraadt    70: <p> If you find a new security problem, you can mail it to
1.6       deraadt    71: <a href=mailto:deraadt@openbsd.org>deraadt@openbsd.org</a>.
1.7       deraadt    72: <br>
1.5       deraadt    73: If you wish to PGP encode it (but please only do so if privacy is very
                     74: urgent, since it is inconvenient) use this <a href=pgpkey>pgp key</a>.
                     75:
1.2       deraadt    76: <hr>
1.1       deraadt    77: <font size="-1">
1.2       deraadt    78: <em>This site Copyright &copy; 1996, 1997 OpenBSD.</em><br>
1.12    ! deraadt    79: $OpenBSD: index.html,v 1.11 1998/02/19 11:45:11 deraadt Exp $
1.1       deraadt    80: </font>
                     81:
                     82: </BODY>
                     83: </HTML>