On Fri, Jan 22, 2010 at 10:56:14AM +0800, Zamri Besar wrote: > The insecurity of OpenBSD > http://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/ > > -zamri-
Sometimes the "add-on" security enhancements directly weaken system security: http://www.milw0rm.com/exploits/9191 """ Bypassing the null ptr dereference protection in the mainline kernel via two methods -> if SELinux is enabled, it allows pulseaudio to map at 0 UPDATE: not just that, SELinux lets any user in unconfined_t map at 0, overriding the mmap_min_addr restriction! pulseaudio is not needed at all! Having SELinux enabled actually *WEAKENS* system security for these kinds of exploits! """ John
