Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: Any user can panic OpenBSD machine

From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Tue, 28 Jul 1998 13:06:55 -0600


Theo de Raadt writes:

Dunno. If your ISP was running on OpenBSD it would be pretty damn
annoying.


Sure it would be.  Luckily the kernel debugger tells you which user
did it.  Now, shall I list 50 ways to crash a NetBSD box from the
shell?


I would highly appreciate it if you would. The NetBSD project believes
in the same philosophy of open disclosure that the BUGTRAQ mailing
list runs on. What you know about you can fix, what you don't know
about *can* hurt you. By all means, please make your list public.  If
you tell us about these 50 ways to crash a NetBSD box from the shell,
we can fix them. If you don't tell us about them, we cannot fix them.


Our source tree is available for anonymous cvs.  You can look at it.
Detailed commit messages are available.


If you do have
a list of defects in NetBSD security that are not fixed in -current,
we would greatly appreciate getting them so that we could apply fixes.


How about the various problems at http://www.openbsd.org/security.html
which have been sitting there for months?

I'm sorry, Perry.  I am not being paid to audit your insecure little
operating system managed by nasty argumentative people.
Previous By Date Next
Previous By Thread Next

Current thread: