by beachhead 1214 days ago
It'll never happen. Every single time this comes up it turns into the same thing over and over again. You must remember the person that said they'd "write a blogpost bypassing OpenBSD mitigations next week" and that's been well over a month now and, surprise, there's no blog about this.

Everything OpenBSD does is wrong and trivial to bypass but everyone's too busy to do it. Maybe the dumbest part about this is that nobody on the other side of this is making claims that these mitigations are perfect in any way.

Qualys has bypassed some OpenBSD malloc hardening features recently but then they don't go around making wild or insulting claims about how wrong and trivial they are either. Go figure.

1 comment

Just replying to provide some context [1] for those who come across this comment as I think it's pretty interesting. Also OpenBSD are working on something for this [2].

[1] https://seclists.org/oss-sec/2023/q1/92

[2] https://marc.info/?l=openbsd-tech&m=167673316325935&w=2