OpenBSD Journal

Hackfest OpenBSD presentations

Contributed by tj on from the en-attente-de-tÚlÚversements dept.

Two OpenBSD developers gave presentations at this year's Hackfest security conference in Quebec. The videos of both are now online for your viewing pleasure:

  • "Kernel W^X Improvements In OpenBSD" by Mike Larkin (mlarkin@) (slides)
  • "Pledge: A New Security Technology in OpenBSD" by Theo de Raadt (deraadt@) (slides)
  • (Comments are closed)


    Comments
    1. By Just Another OpenBSD User (77.85.128.37) on

      Congratulations for the impressive work and thank you for presenting these gifts. Nice questions too, and looking forward to how the rest of the developer communities take on to the same improvements, this really looks outstanding. Interesting, remarkable progress! Overall super news as usual, plus thanks for the video links.

    2. By Jorden Verwer (83.86.183.38) on

      I like how these new mitigations do not only prevent fallout from bad code, but actually help improve the code. I think that's the true gain here, along with awareness. On the other hand, I thought it was a bit weird to be disappointed by not finding any bugs after enforcing W^X on AMD64. We should all be happy that the code was already that good to begin with.

      I wonder if systrace will be removed now that it seems to be considered a failed (but useful) experiment, and its primary achievement has moved on to using pledge instead...

      Comments
      1. By smu (104.238.184.83) on https://play.google.com/store/apps/details?id=com.smu.player

        > I like how these new mitigations do not only prevent fallout from bad code, but actually help improve the code. I think that's the true gain here, along with awareness. On the other hand, I thought it was a bit weird to be disappointed by not finding any bugs after enforcing W^X on AMD64. We should all be happy that the code was already that good to begin with.
        >
        > I wonder if systrace will be removed now that it seems to be considered a failed (but useful) experiment, and its primary achievement has moved on to using pledge instead...

        Best way to do it keeping systrace with in working condition. Im using it and like this version, can you try if it could be more stable.

    Credits

    Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]