[31274] in bugtraq
Re: Buffer overflow prevention
daemon@ATHENA.MIT.EDU (Darren Reed)
Mon Aug 18 18:34:21 2003
From: Darren Reed <avalon@caligula.anu.edu.au>
Message-Id: <200308182213.h7IMDPME026862@caligula.anu.edu.au>
To:
Date: Tue, 19 Aug 2003 08:13:25 +1000 (Australia/ACT)
Cc: bugtraq@securityfocus.com, peter@trusteddebian.org,
deraadt@cvs.openbsd.org
In-Reply-To: <200308182131.h7ILVBbF016752@cvs.openbsd.org> from "Theo de Raadt" at Aug 18, 2003 03:31:11 PM
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
> Yet, persistantly we have been flooded by PAX supporters demanding
> that we should give credit to the PAX people for the ideas in W^X.
> When we had NOT known about PAX, and when W^X does NOT technically do
> what PAX does.
>
> How is it that out of one side of the mouth PAX people say that things
> which I say are not possible on i386 using W^X (full per-page X bit) are
> possible using PAX, and then the other side of the mouth says that W^X
> is just derived from PAX ideas?
[...]
> Oh? So to get their reward, they send out their drones to assault other
> projects, and get credit that is not theirs?
[...]
> I urge the PAX authors to get their community's rabid foaming under control.
Damn, this looks like textbook OpenBSD methodology for getting a vendor
to release hardware documentation or otherwise do what OpenBSD wants.
I guess it's a methodology that's only acceptable when it's being done
for the "noble" goals of the OpenBSD project and not when it is being
targetted at OpenBSD itself.
I suppose you might say this is a case of OpenBSD getting back what it
dishes out to others.
I sincerely doubt that this will have any impact, however, on the behaviour
of the OpenBSD drones. But one can still hope.
Now if I could think of a security-related angle, this email might even
have a chance of ending up being sent to the bugtraq list...
(o)
