Annotation of www/security.html, Revision 1.21
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.20 deraadt 4: <title>OpenBSD Security</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="OpenBSD advisories">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1997 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.2 deraadt 15: <img alt="[OpenBSD]" SRC="/images/smalltitle.gif">
1.1 deraadt 16:
1.2 deraadt 17: <p>
1.12 deraadt 18: <h3><font color=#e00000><strong>OpenBSD Security Views</strong></font></h3>
1.14 deraadt 19: OpenBSD believes in strong security. Our aspiration is to be NUMBER
1.17 deraadt 20: ONE in the industry for security. Our open software development model
21: permits us to take a more uncompromising view towards increased
22: security than Sun, SGI, IBM, HP, or other vendors are able to. We can
23: make changes the vendors would not make. Also, since OpenBSD is
24: exported with cryptography software, we are able to take cryptographic
25: approaches towards fixing security problems.
1.12 deraadt 26:
27: <p>
1.18 deraadt 28:
29: Like most readers of the
1.13 deraadt 30: <a href=http://www.geek-girl.com/bugtraq/index.html>
1.18 deraadt 31: BUGTRAQ mailing list</a>,
32: we believe in full disclosure of security problems. We believe that
33: security information moves very fast in crackers circles. Our
34: experience shows that coding and release of proper security fixes
35: typically requires about an hour of work resulting in very fast fix
36: turnaround. Thus we think that full disclosure helps the people who
37: really care about security.
1.13 deraadt 38:
39: <p>
1.15 deraadt 40:
1.12 deraadt 41: Our security auditing team typically has between six and twelve
1.15 deraadt 42: members, and most of us continually search for and fix new security
43: holes. We have been auditing since the summer of 1997. The process we
1.12 deraadt 44: followed to increase security was simply a comprehensive file-by-file
45: analysis of every critical software component. Flaws were found in
46: just about every area of the system. Entire new classes of security
47: problems were found while we were doing the audit, and in many cases
48: source code which had been audited earlier had to be re-audited with
49: these new flaws in mind.
50:
51: <p>
1.16 deraadt 52: Another facet of our security auditing process is it's proactiveness.
53: In almost all cases we have found that the determination of
54: exploitability is not an issue. During our auditing process we find
55: many bugs, and endeavor to simply fix them even though exploitability
56: is not proven. We have fixed many simple and obvious careless
57: programming errors in code and then only months later discovered that
58: the problems were in fact exploitable. This proactive auditing
59: process has really paid off. Statements like ``This problem was fixed
60: in OpenBSD about 6 months ago'' have become commonplace in security
1.19 deraadt 61: forums like <a href=http://www.geek-girl.com/bugtraq/index.html>BUGTRAQ</a>.
1.15 deraadt 62:
63: <p>
1.14 deraadt 64: The auditing process is not over yet, and as you can see we continue
65: to find and fix new security flaws.
1.12 deraadt 66:
67: <p>
68: <h3><font color=#e00000><strong>OpenBSD 2.1 Security Advisories</strong></font></h3>
1.11 deraadt 69: These are the OpenBSD 2.1 advisories. All these problems are solved
70: in OpenBSD 2.2. Some of these problems still exist in other
1.1 deraadt 71: operating systems.
72:
73: <ul>
1.11 deraadt 74: <li><a href=rfork>Rfork() system call flaw (patch included)</a>
75: <li><a href=procfs>Procfs flaws (patch included)</a>
76: <li><a href=signals>Deviant Signals (patch included)</a>
1.9 deraadt 77: </ul>
78:
79: <p>
1.12 deraadt 80: <h3><font color=#e00000><strong>OpenBSD 2.2 Security Advisories</strong></font></h3>
1.11 deraadt 81: These are the OpenBSD 2.2 advisories. All these problems are
1.9 deraadt 82: solved in OpenBSD current. Some of these problems still exist in other
1.14 deraadt 83: operating systems.
1.9 deraadt 84:
85: <ul>
1.11 deraadt 86: <li><a href=/errata.html#f00f>Intel P5 f00f lockup (patch included)</a>
87: <li><a href=/errata.html#sourceroute>
88: Sourcerouted Packet Acceptance (patch included)</a>
89: <li><a href=/errata.html#ruserok>Setuid coredump & Ruserok() flaw (patch included)</a>
90: <li><a href=/errata.html#mmap>Read-write mmap() flaw (patch included)</a>
1.1 deraadt 91: </ul>
92:
1.21 ! deraadt 93:
! 94: <p>
! 95: <h3><font color=#e00000><strong>Watching our Security Changes</strong></font></h3>
! 96: Since we take a proactive stance with security, we are continually
! 97: finding and fixing new security problems. Not all of these problems
! 98: get widely reported because (as stated earlier) many of them are not
! 99: confirmed to be exploitable. We do not have the time resources to
! 100: make these changes available in the above format.<p>
! 101:
! 102: Thus there are usually minor security fixes in the current source code
! 103: beyond the previous major OpenBSD release. We make a limited
! 104: gaurantee that these problems are of limited impact and unproven
! 105: exploitability. If we discover a problem definately matters for
! 106: security, patches will show up here quickly.<p>
! 107:
! 108: People who are really concerned with critical
! 109: security can do a number of things:<p>
! 110:
! 111: <ul>
! 112: <li>If you understand security issues, watch our
! 113: <a href=/mail.html>source-changes mailing list</a> and keep an
! 114: eye out for things which appear security changes. Since
! 115: exploitability is not proven for many of the fixes we make,
! 116: do not expect the relevant commit message to say "SECURITY FIX!".
! 117: If a problem is proven and serious, a patch will be available
! 118: here very shortly after.
! 119: <li>Track our current source code tree, and teach yourself how to do a
! 120: complete system build from time to time. Make the assumption
! 121: that the current source tree always has stronger security.
! 122: <li>Install a binary <a href=/snapshots.html>snapshots</a>, which are
! 123: made available fairly often.
! 124: </ul>
! 125:
1.9 deraadt 126: <p>
1.12 deraadt 127: <h3><font color=#e00000><strong>Other Resources</strong></font></h3>
1.3 deraadt 128: Other security advisories that have (in the past) affected OpenBSD can
1.4 deraadt 129: be found at the <a href=http://www.secnet.com/nav1.html>Secure Networks archive</a>.
1.3 deraadt 130:
1.5 deraadt 131: <p> If you find a new security problem, you can mail it to
1.6 deraadt 132: <a href=mailto:deraadt@openbsd.org>deraadt@openbsd.org</a>.
1.7 deraadt 133: <br>
1.5 deraadt 134: If you wish to PGP encode it (but please only do so if privacy is very
135: urgent, since it is inconvenient) use this <a href=pgpkey>pgp key</a>.
136:
1.2 deraadt 137: <hr>
1.1 deraadt 138: <font size="-1">
1.19 deraadt 139: <em>This site Copyright © 1996-1998 OpenBSD.</em><br>
1.21 ! deraadt 140: $OpenBSD: index.html,v 1.20 1998/02/20 21:44:08 deraadt Exp $
1.1 deraadt 141: </font>
142:
143: </BODY>
144: </HTML>