Domain: watson.org
Stories and comments across the archive that link to watson.org.
Stories · 2
-
Cambridge Researcher Breaks OpenBSD Systrace
An anonymous reader writes "University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software, recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release." -
FreeBSD, Linux Kernel Source Cross Reference
An anonymous reader writes "Robert Watson of the FreeBSD Core Team has put up a FreeBSD and Linux kernel source cross reference based on the LXR software used for the Linux kernel cross reference. The stated purpose is to make it easier for FreeBSD users and developers to explore and understand the FreeBSD code, as well as to compare the FreeBSD approaches with abstractions and implementation in the Linux kernel. This should help with portability, compatibility, and architectural cleanliness. Robert has posted to the FreeBSD mailing lists indicating he'll be pushing source code for other *BSD systems and Darwin in the near future as well. Sounds like this may be a really useful site for FreeBSD developers, but also for all open source kernel developers (Linux and others)."