Annotation of www/security.html, Revision 1.12
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
4: <title>OpenBSD</title>
5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="OpenBSD advisories">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1997 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.2 deraadt 15: <img alt="[OpenBSD]" SRC="/images/smalltitle.gif">
1.1 deraadt 16:
1.2 deraadt 17: <p>
1.12 ! deraadt 18: <h3><font color=#e00000><strong>OpenBSD Security Views</strong></font></h3>
! 19: OpenBSD believes very strongly in strong security. We believe that we are
! 20: NUMBER ONE in the industry at the moment. Due to our open software
! 21: development model, we are able to take a more uncompromising view towards
! 22: increasing security than Sun, SGI, IBM, HP, or other vendors are able to.
! 23:
! 24: <p>
! 25: Our security auditing team typically has between six and twelve
! 26: members, and most of us continually search for and fix security holes.
! 27: We have been auditing for approximately two years. The process we
! 28: followed to increase security was simply a comprehensive file-by-file
! 29: analysis of every critical software component. Flaws were found in
! 30: just about every area of the system. Entire new classes of security
! 31: problems were found while we were doing the audit, and in many cases
! 32: source code which had been audited earlier had to be re-audited with
! 33: these new flaws in mind.
! 34:
! 35: <p>
! 36: The process is not over yet, and as you can see we continue to find and
! 37: fix new security flaws.
! 38:
! 39: <p>
! 40: <h3><font color=#e00000><strong>OpenBSD 2.1 Security Advisories</strong></font></h3>
1.11 deraadt 41: These are the OpenBSD 2.1 advisories. All these problems are solved
42: in OpenBSD 2.2. Some of these problems still exist in other
1.1 deraadt 43: operating systems.
44:
45: <ul>
1.11 deraadt 46: <li><a href=rfork>Rfork() system call flaw (patch included)</a>
47: <li><a href=procfs>Procfs flaws (patch included)</a>
48: <li><a href=signals>Deviant Signals (patch included)</a>
1.9 deraadt 49: </ul>
50:
51: <p>
1.12 ! deraadt 52: <h3><font color=#e00000><strong>OpenBSD 2.2 Security Advisories</strong></font></h3>
1.11 deraadt 53: These are the OpenBSD 2.2 advisories. All these problems are
1.9 deraadt 54: solved in OpenBSD current. Some of these problems still exist in other
1.11 deraadt 55: operating systems. Patches are provided
1.9 deraadt 56:
57: <ul>
1.11 deraadt 58: <li><a href=/errata.html#f00f>Intel P5 f00f lockup (patch included)</a>
59: <li><a href=/errata.html#sourceroute>
60: Sourcerouted Packet Acceptance (patch included)</a>
61: <li><a href=/errata.html#ruserok>Setuid coredump & Ruserok() flaw (patch included)</a>
62: <li><a href=/errata.html#mmap>Read-write mmap() flaw (patch included)</a>
1.1 deraadt 63: </ul>
64:
1.9 deraadt 65: <p>
1.12 ! deraadt 66: <h3><font color=#e00000><strong>Other Resources</strong></font></h3>
1.3 deraadt 67: Other security advisories that have (in the past) affected OpenBSD can
1.4 deraadt 68: be found at the <a href=http://www.secnet.com/nav1.html>Secure Networks archive</a>.
1.3 deraadt 69:
1.5 deraadt 70: <p> If you find a new security problem, you can mail it to
1.6 deraadt 71: <a href=mailto:deraadt@openbsd.org>deraadt@openbsd.org</a>.
1.7 deraadt 72: <br>
1.5 deraadt 73: If you wish to PGP encode it (but please only do so if privacy is very
74: urgent, since it is inconvenient) use this <a href=pgpkey>pgp key</a>.
75:
1.2 deraadt 76: <hr>
1.1 deraadt 77: <font size="-1">
1.2 deraadt 78: <em>This site Copyright © 1996, 1997 OpenBSD.</em><br>
1.12 ! deraadt 79: $OpenBSD: index.html,v 1.11 1998/02/19 11:45:11 deraadt Exp $
1.1 deraadt 80: </font>
81:
82: </BODY>
83: </HTML>