NetBSD 2.0.2 Released

← Back to Stories (view on slashdot.org)

Posted by CowboyNeal on Thursday April 14, 2005 @09:59PM from the dreamcasts-rejoice dept.

jschauma writes "James Chacon of the NetBSD Release Engineering team has announced that update 2.0.2 of the NetBSD operating system is now available. NetBSD 2.0.2 is the second security/critical update of the NetBSD 2.0 release branch. This represents a selected subset of fixes deemed critical in nature for stability or security reasons. More details are available in the NetBSD 2.0.2 Release Announcement."

5 of 36 comments (clear)

Min score:

Reason:

Sort:

Re:I wonder... by Anonymous Coward · 2005-04-14 23:05 · Score: 4, Informative

I don't know what Halo is, but NetBSD security upgrades (2.0.x), and even minor upgrades (2.x), normally are 100% backward compatible.

Backward compatibility across major versions (for 1.5, 1.6. ...) can be enabled in the kernel, using e.g. the COMPAT_16 option.
Re:So, speaking of security, by Anonymous Coward · 2005-04-15 01:50 · Score: 4, Informative

You may be thinking of systrace.
Re:So, speaking of security, by Anonymous Coward · 2005-04-15 02:19 · Score: 3, Informative

On all BSD's you can set the lowest "unprivileged bindable" port by means of a sysctl.
Re:So, speaking of security, by Anonymous Coward · 2005-04-15 02:29 · Score: 2, Informative

or, you can redirect the port to a higher number by using NAT.
Re:So, speaking of security, by Homology · 2005-04-15 04:59 · Score: 4, Informative

So, what's the consensus been about the experience with this. Has it proven to be a huge improvement in security?
Writing systrace policies are alot of work, and requires much testing in order not to break the application. In addition you need knowledge of the system calls involved (pass/deny).
As an example "mv a /b" involves different system calls depending on a is on same filesystem as /b.