CVS: cvs.openbsd.org: src

Theo de Raadt Mon, 29 Aug 2022 10:00:38 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected] 2022/08/29 11:00:30


Modified files:
        sbin/dhcpleased: Makefile 
        sbin/mountd    : Makefile 
        sbin/nfsd      : Makefile 
        sbin/pflogd    : Makefile 
        sbin/resolvd   : Makefile 
        sbin/slaacd    : Makefile 
        sbin/unwind    : Makefile 

Log message:
Dynamically link these /sbin daemons: dhcpleased, mountd, nfsd, pflogd,
resolvd, slaacd, unwind.
The mitigation story is way better: syscalls are in a randomly located
libc, and every syscall stub is randomly located inside that due to
random relinking.  As opposed to fixed offset inside a release binary.
There is one known consequence: /usr nfs mounting must use statically
configured IP addresses.
ok kettenis florian, others

CVS: cvs.openbsd.org: src

Reply via email to