time for some OpenBSD-style auditing?

To: debian-security@lists.debian.org
Subject: time for some OpenBSD-style auditing?
From: Joe Buck <jbuck@racerx.synopsys.com>
Date: Thu, 28 Dec 2000 16:46:00 -0800 (PST)
Message-id: <[🔎] 200012290046.QAA08034@racerx.synopsys.com>

Notice that security holes fall into classes?  One category of hole
should be easy to eliminate from Debian by instituting a code auditing
requirement.  I'm referring to insecure creation of temporary files,
allowing for symlink attacks.  Now that we all know what this hole looks
like, it should be simple to eliminate.

The other big source of common security holes, buffer overruns, is tougher
to eliminate completely because they can be tough to spot.  But there's no
excuse now for anyone to put out another GNU/Linux distribution containing
a program that creates temporary files insecurely.  If I were Debian
dictator (and I'm not even a debian developer, though I am what you guys
call an "upstream developer" -- I'm on the GCC steering committee), I'd
add a requirement that every package owner certify that he has checked the
package s/he maintains for a list of common security problems, and that
all problems found have been fixed.

I call this "OpenBSD style" because they are the only folks currently
doing this -- everyone else takes a reactive approach to security
problems, not fixing them until someone posts a root exploit.  We
can do better.

Reply to:

Follow-Ups:
- Re: time for some OpenBSD-style auditing?
  - From: Peter Eckersley <pde@cs.mu.oz.au>
- Re: time for some OpenBSD-style auditing?
  - From: Andres Salomon <dilinger@mp3revolution.net>

Prev by Date: Re: Debian audititing tool?
Next by Date: Re: time for some OpenBSD-style auditing?
Previous by thread: Re: What is "Warning: /boot/System.map-XXXX does not match kernel data"
Next by thread: Re: time for some OpenBSD-style auditing?
Index(es):
- Date
- Thread