*BSD News Article 94191



Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!news.ececs.uc.edu!newsrelay.netins.net!mr.net!arclight.uoregon.edu!zdc!super.zippo.com!coop.net!pacifier!deraadt
From: deraadt@theos.com (Theo de Raadt)
Newsgroups: comp.unix.bsd.bsdi.misc,comp.unix.bsd.misc,comp.security.unix
Subject: Re: *BSD* Security WWW/Mailing List?
Date: 22 Apr 1997 18:58:28 GMT
Organization: Pacifier BBS, Vancouver, Wa.  ((360) 693-0325)
Lines: 24
Message-ID: <DERAADT.97Apr22125828@zeus.pacifier.com>
References: <3356E1CC.299E@softway.com.au> <335798C2.167EB0E7@freebsd.org>
	<DERAADT.97Apr18181055@zeus.pacifier.com>
	<slrn5li6bf.rjd.tqbf@char-star.rdist.org> <5jd1jt$m30@web.nmti.com>
	<slrn5ll06k.kd3.tqbf@char-star.rdist.org>
	<5jhur6$51u@innocence.interface-business.de>
	<slrn5lpvmq.1hm.tqbf@char-star.rdist.org>
NNTP-Posting-Host: zeus.theos.com
In-reply-to: tqbf@char-star.rdist.org's message of 22 Apr 1997 18:09:30 GMT
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.misc:6723 comp.unix.bsd.misc:3063 comp.security.unix:33883

In article <slrn5lpvmq.1hm.tqbf@char-star.rdist.org> tqbf@char-star.rdist.org (Thomas H. Ptacek) writes:

   >OpenBSD started after FreeBSD 2.1, so
   >they could already learn from our mistakes.  

   This is simply not the case. The crt0 bug was published after 2.2 was
   released. OpenBSD was never vulnerable to the hole; Mr. Assange's
   apocalyptic comment about the horrors of BSD locales probably provoked an
   audit of that code months before anyone thought to tie it to start().

In OpenBSD our audit of libc/locale and libc/nls was done in August...
There were some minor problems but we're not sure if anything was
easily exploitable.  We just fixed all the bugs we found.  There were
some buffer overflows.

There were also a few of those nasty libc getenv() calls in there, too.

If I remember right, didn't Solaris have problems in locale/nls's too?
I bet a few operating systems still have some shakeups coming from
there.
--
This space not left unintentionally unblank.		deraadt@openbsd.org
www.OpenBSD.org -- We're fixing security problems so you can sleep at night.
(If it wasn't so fascinating I might get some sleep myself...)