[7427] in bugtraq
Re: Fwd: Any user can panic OpenBSD machine
daemon@ATHENA.MIT.EDU (Jason Thorpe)
Tue Jul 28 19:17:23 1998
Date: Tue, 28 Jul 1998 10:51:12 -0700
Reply-To: Jason Thorpe <thorpej@nas.nasa.gov>
From: Jason Thorpe <thorpej@NAS.NASA.GOV>
X-To: perry@piermont.com
To: BUGTRAQ@NETSPACE.ORG
On Mon, 27 Jul 1998 23:21:20 -0400
"Perry E. Metzger" <perry@piermont.com> wrote:
> Personally, I find the constant claims that OpenBSD is more secure
> than FreeBSD and NetBSD annoying. We all do extensive security
> work. This is just another example of a fairly common situation -- in
> which OpenBSD has a bug that other BSDs don't. Sometimes it is the
> other way around, too, but you'd think from the propaganda that it was
> always, or even usually, OpenBSD that was the most secure system.
I'd also like to point out that the OpenBSD "fix" for the problem is
incorrect.
It is now possible for the OpenBSD read and write system calls to return
garbage "bytes actually transfered" values.
Jason R. Thorpe thorpej@nas.nasa.gov
NASA Ames Research Center Home: +1 408 866 1912
NAS: M/S 258-5 Work: +1 650 604 0935
Moffett Field, CA 94035 Pager: +1 650 940 5942
