The OpenBSD Journal reports that Michael Lucas has written a new piece about OpenBSD on the OnLamp BSD site. This article, Homemade Embedded BSD Systems, covers installing OpenBSD on the Soekris system, but this could apply to any system which uses a CF device to boot. As usual, some great tips to get you started.
OpenBSD team members, lead by Dale Rahn, have been actively porting OpenBSD to the StrongARM processor. You can see the result of their work on the "cats" platform page. This port is based on the NetBSD port to the platform.
Tom Cosgrove has committed the OpenBSD pieces that make booting from partitions with offsets greater than 8GB.
This article is a quick example of how to add a system call to OpenBSD. The following description is based on OpenBSD 3.4-beta on i386 machine architecture. Also, it is assumed that readers are familiar with building the OpenBSD kernel.
The OpenBSD folks are pleased to announce the official release of OpenBSD 3.4. This is their 14th release on CD-ROM (and 15th via FTP). They remain proud of OpenBSD's record of seven years with only a single remote hole in the default install. As with previous releases, 3.4 provides significant improvements, including new features, in nearly all areas of the system:
An excellent feature has just been committed to OpenBSD-current : pfsync and now CARP. OpenBSD now adds high availability to security. In the meantime, the OpenBSD 3.4 CDs have begin to ship.
MirBSD is a derivative of OpenBSD. It is i386-only, and has some packages removed (Kerberos etc.). Additional features include IPv6 support in Apache, ports for djb-ware, a new bootloader and more.
gijsbert points us to this comprehensive guide to setting up and configuring PF, the BSD packet filter. PF is one of the more robust enterprise firewall applications available today.
The OpenBSD project has made available information as to what is new in the upcoming 3.4 release in November, while pre-ordering is available too. On other BSD news, Simon Schubert has offered to provide daily snapshots of DragonFly, the recent FreeBSD 4.x fork.
OpenBSD's Todd Miller reports that an improper bounds check in the semget(2) system call can allow a local user to cause a kernel panic. No privilege escalation is possible, the attack simply runs the kernel out of memory. The bug was introduced in OpenBSD 3.3, previous versions of OpenBSD are unaffected. Earlier, Mike Frantzen has committed "Passive operating system fingerprinting" to PF which exposes the source host's OS to the filter language.
OpenBSD's stateful packet filter, PF, has recently added passive OS fingerprinting capabilities. This new functionality allows one to design packet filtering policy based around the source operating system. It is based on Michal Zalewski's p0f. The functionality was also added to tcpdump.
OpenBSD 3.3-current now turns 3.4-beta, as the cvs log says. More info at Deadly.org.
A thousand open source projects quietly produce excellent code under the radar. What goes on in these projects? How do new people join? What motivation is there? Cameron Laird and George Peter Staplin interview several core OpenBSD developers.
The OpenBSD folks are informing us that mozilla works in -current, the SMP branch works okay with a big lock on i386, the UltraSPARC III goes single user now and the AMD Hammer port: kernel works so far, toolchain/compiler stuff in the works now.
The latest OpenBSD 3.3 release arrives with even stronger attack defenses coupled with an amazing record of just a single remotely exploitable vulnerability in more than seven years, the best security track record for any general-purpose operating system around. Read the review at eWeek.
The OpenBSD project is having currently its Hackathon event (despite their financial sponsor backing down last month), where all the developers are getting together to code for almost two weeks. Usually, that's the month of the year with the most CVS commits and the biggest advancements that are happening to the OS. Canada's tech media are reporting the event with more info.
Julien Bordet has ported code from NetBSD to support NTFS4 and NTFS5 in OpenBSD-current. He has heavily tested read accesses to his Windows 2000 partition, and that has worked fine. Julien says that there is an existing port, but his port is new and adds NTFS5 support.
The open-source project's leader says the unused portion of a $2.3 million grant has been withdrawn due to concerns that it was mainly funding foreign researchers. OpenBSD would have 60 developers flying in from around the world (they bought their own tickets, non-refundable) for a Hackathon May 8 - 20, which is a major part of OpenBSD's development cycle. Follow the discussion here.
The OpenBSD project hopes that new changes to its latest release will eliminate "buffer overflows," a software issue that has been plaguing security experts for more than three decades.