*BSD News Article 89226


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mira.net.au!inquo!nntp.uio.no!news.apfel.de!news.maxwell.syr.edu!cam-news-hub1.bbnplanet.com!news.bbnplanet.com!panix!news.panix.com!not-for-mail
From: tls@panix.com (Thor Lancelot Simon)
Newsgroups: comp.unix.bsd.netbsd.misc,comp.security.unix
Subject: Re: Careless integration of others' code (WAS Re: Why no addusr?)
Date: 16 Feb 1997 02:48:57 -0500
Organization: Panix
Lines: 41
Message-ID: <5e6e59$nmq@panix2.panix.com>
References: <none-ya023480001912962244220001@news.infi.net> <DERAADT.97Feb15155022@zeus.pacifier.com> <5e5vkb$d89@panix2.panix.com> <DERAADT.97Feb15212032@zeus.pacifier.com>
Reply-To: tls@rek.tjls.com
NNTP-Posting-Host: panix2.panix.com
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.netbsd.misc:5389 comp.security.unix:31777

In article <DERAADT.97Feb15212032@zeus.pacifier.com>,
Theo de Raadt <deraadt@theos.com> wrote:
>In article <5e5vkb$d89@panix2.panix.com> tls@panix.com (Thor Lancelot Simon) writes:
>
>   You hold OpenBSD up as a paragon of security, and yet integrate critical
>   pieces of code such as locore.s without even reading them?!
>
>Really, security has very little to do with a kernel that cold-resets
>the machine at boot.  The code wasn't commited until it worked.  That
>took a while, of course.

You are not telling the truth.  Perhaps you should begin doing so, before you
discredit yourself further.

That code was in the OpenBSD tree for *eight weeks*, evidently without anyone
ever looking at it, a period of time which included another revision blindly
checked in.  I just confirmed that using your AnonCVS server.

I mean, my God, I don't know Alpha assembler either, but it's pretty obvious
what's likely to happpen if you don't return from that function.

>That #ifndef change was designed to cause difficulties.  It succeeded.

I can't speak to that, since I didn't make that change.  It "succeeded", in
your terminology, only because OpenBSD developers check things into your
source tree -- and leave them there for eight weeks! -- without even looking
at them first.  I seriously doubt that the person who made that change even 
expected it to get merged into OpenBSD at all.  I mean, the assumption is that
you look at code before you merge it.  I mean, how could one *miss* that?  The
only reasonable conclusion is that external code gets merged into OpenBSD
without even being examined at all for at least eight weeks.

Again: this is _prima facie_ evidence that OpenBSD developers import foreign
code into the tree without even looking at it first.  You think that has "very
little" to do with security?  Sleep on that.

-- 
This space not left unintentionally unblank.            tls@rek.tjls.com
$OpenBSD: locore.s,v 1.5 1996/10/30: Blindly integrating source code,
$OpenBSD: locore.s,v 1.7 1997/01/24: so you can lose for 8 weeks.
				     "Sleep tight."