[PhantomGremlin]

I'm not sure why tptacek was downvoted here

Maybe because his comment had the tone of:

"For this, I have found a truly wonderful proof, but the margin is too small to contain it."

[tptacek]

Do you need a "truly wonderful proof" for "the mainstream OS OpenBSD has not managed to render kernel vulnerabilities unexploitable, or to rid itself of those vulnerabilities entirely"? Because: that's an extraordinary claim for an OpenBSD supporter to make.

[PhantomGremlin]

I was not responding to "the mainstream OS OpenBSD ...". Let's go back to your remark, which preceded his:

kernel exploits for OpenBSD are neither theoretical nor impractical.

You put that out there as a bare, standalone statement. No elaboration, no proof.

Your comment might be true, but I would have liked to see some more "meat" in it. Some supporting evidence, some inkling of a truly wonderful proof.

[aortega]

I did write a remote kernel exploit for OpenBSD, it was not an easy task, and this was in a time when there were basically no exploit countermeasures in kernel (2007) (https://www.coresecurity.com/content/open-bsd-advisorie)

There are a bunch of local kernel exploits, all very practical and reliable. Kernel protections are something OpenBSD lacked until very recently.

[PhantomGremlin]

Yes, thanks for reminding me of that one.

That timeline isn't pretty. The OpenBSD guys really needed to be dragged, kicking and screaming, to calling it a "security fix" rather than something milder like a "reliability fix".