For auditors, sync to latest roster and start using the fancier tables
generated by jmb's little TCL script. Now you can just click on categories or auditor/reviewers to email them. Incorporate comments from Keith Bostic on security, point to AUSCERT's Unix Security Checklist.
parent dbb07c9784
commit 2d0b664dc7
Notes (svn2git, 2020-12-08 03:00:23 +00:00): svn path=/www/; revision=1188
4 changed files with 708 additions and 170 deletions
|
@ -1,5 +1,5 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
|
||||
<!ENTITY date "$Date: 1997-02-18 01:04:17 $">
|
||||
<!ENTITY date "$Date: 1997-02-19 13:49:10 $">
|
||||
<!ENTITY title "FreeBSD Auditing Project">
|
||||
<!ENTITY % includes SYSTEM "includes.sgml"> %includes;
|
||||
]>
|
||||
|
@ -14,7 +14,7 @@
|
|||
|
||||
<H1>General Information</H1>
|
||||
|
||||
<em>Last Updated: $Date: 1997-02-18 01:04:17 $ </em>
|
||||
<em>Last Updated: $Date: 1997-02-19 13:49:10 $ </em>
|
||||
|
||||
<H2>Overview</H2>
|
||||
|
||||
|
@ -84,9 +84,11 @@ into the <strong>2.1</strong> and <strong>2.2</strong> branches.
|
|||
complex that I have turned it into a <a href="security.html">FreeBSD
|
||||
Security Guide</a>. Please read this now if you haven't already.
|
||||
|
||||
Another excellent document is the <a
|
||||
Other excellent documents are the <a
|
||||
href="ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist">
|
||||
Secure Programming Checklist</a>, available from AUSCERT.
|
||||
Secure Programming Checklist</a> and the <a
|
||||
href="ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist">
|
||||
Unix Security Checklist</a>, both available from AUSCERT.
|
||||
|
||||
<H2>Sign-Up sheet:</H2>
|
||||
|
||||
|
@ -109,24 +111,126 @@ auditors will be assuming that the other 10 items are handled!</P>
|
|||
To sign up for something, please send mail to <a
|
||||
href="mailto:jkh@FreeBSD.org"> jkh@FreeBSD.org</a>.
|
||||
|
||||
<P>
|
||||
<TABLE border=2 cellpadding=3>
|
||||
<TR><TH>Module</TH> <TH>Auditor(s)</TH> <TH>Reviewer(s)</TH> <TH>Status</TH>
|
||||
<TR><TD>lib</TD> <TD>pst,ak</TD> <TD>jkh,dg,gvr,imp</TD> <TD>gvr</TD>
|
||||
<TR><TD>libc</TD> <TD>ee</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>libdisk</TD> <TD>open</TD> <TD>phk,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>libexec</TD> <TD>imp,crh,ee,witr</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>telnetd</TD> <TD>ac,dn</TD> <TD>imp,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>bin</TD> <TD>ac,gvr,ee</TD> <TD>imp,md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>sbin</TD> <TD>taob,imp,ee,or</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>usr.sbin</TD> <TD>imp,rd,marc,ee,ejc,jm</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>usr.bin</TD> <TD>rb,rjk,rd,jha,ee,ky,bob,jm</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>eBones</TD> <TD>mrvm</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>secure</TD> <TD>mrvm,dc</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>games</TD> <TD>xaa,ab,ee</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>lkm</TD> <TD>dob</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>release</TD> <TD>open</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>contrib</TD> <TD>cg</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<P></P><TABLE BORDER="2" CELLPADDING="3">
|
||||
<TR><TH>Module</TH><TH>Auditor(s)</TH><TH>Reviewer(s)</TH>
|
||||
<TH>Status</TH></TR>
|
||||
<TR><TD><A HREF="mailto:audit-bin@FreeBSD.ORG">bin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:adrian@psinet.net.au">ac</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:guido@FreeBSD.org">gvr*</A>
|
||||
<A HREF="mailto:jehamby@lightside.com">jh</A>
|
||||
<A HREF="mailto:top@bird.cris.net">ka</A>
|
||||
<A HREF="mailto:mudge@l0pht.com">mu</A>
|
||||
<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-contrib@FreeBSD.ORG">contrib</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:gryphon@healer.com">cg</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-eBones@FreeBSD.ORG">eBones</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:mark@grondar.za">mrvm*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-games@FreeBSD.ORG">games</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:aaronb@j51.com">ab</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:xaa@stack.nl">xaa</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-init@FreeBSD.ORG">init</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:giles@nemeton.com.au">gl</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-lib@FreeBSD.ORG">lib</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:apk@itl.waw.pl">ak</A>
|
||||
<A HREF="mailto:nordquist@platinum.com">bjn</A>
|
||||
<A HREF="mailto:pst@FreeBSD.org">pst*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:davidg@FreeBSD.org">dg*</A> <A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:jkh@FreeBSD.org">jkh*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-libc@FreeBSD.ORG">libc</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:mudge@l0pht.com">mu</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-libexec@FreeBSD.ORG">libexec</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:henrich@crh.cl.msu.edu">crh</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:witr@rwwa.com">witr</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-lkm@FreeBSD.ORG">lkm</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:obrien@NUXI.com">dob</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-sbin@FreeBSD.ORG">sbin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:roberto@keltia.freenix.fr">or*</A>
|
||||
<A HREF="mailto:taob@risc.org">tao</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-secure@FreeBSD.ORG">secure</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:tenser@spitfire.ecsel.psu.edu">dc</A>
|
||||
<A HREF="mailto:mark@grondar.za">mrvm*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-telnetd@FreeBSD.ORG">telnetd</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:adrian@psinet.net.au">ac</A>
|
||||
<A HREF="mailto:davidn@labs.usn.blaze.net.au">dn</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-usr.bin@FreeBSD.ORG">usr.bin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:bob@luke.pmr.com">bob</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:jha@cs.purdue.edu">jha</A>
|
||||
<A HREF="mailto:mollers.pad@sni.de">jm</A>
|
||||
<A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">ky*</A>
|
||||
<A HREF="mailto:rbezuide@oskar.nanoteq.co.za">rb</A>
|
||||
<A HREF="mailto:rajivd@sprynet.com">rd</A>
|
||||
<A HREF="mailto:rjk@grauel.com">rjk</A>
|
||||
<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-usr.sbin@FreeBSD.ORG">usr.sbin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:ejc@gargoyle.bazzle.com">ejc</A>
|
||||
<A HREF="mailto:giles@nemeton.com.au">gl</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:mollers.pad@sni.de">jm</A>
|
||||
<A HREF="mailto:marcs@znep.com">marc</A>
|
||||
<A HREF="mailto:rajivd@sprynet.com">rd</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
</TABLE>
|
||||
|
||||
<H2>Auditor/Reviewer keys</H2>
|
||||
|
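Review bot: the generated Reviewer(s) cells write the link as `HREF="mailto: guido@FreeBSD.org"`, with a space after `mailto:`, while the Auditor(s) cell of the bin row has `HREF="mailto:guido@FreeBSD.org"`. That space becomes part of the address handed to the mail client, so the script should strip it before emitting the link. Separately, the removed rows for libdisk and release (auditor "open") have no counterpart in the new table, and the Status for lib changes from gvr to Open. If that is not intended, have the script also emit modules nobody has claimed so the sign-up sheet still shows what is available.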
@ -141,65 +245,187 @@ reach just the auditors & reviewers for a specific category, say
|
|||
<a href="mailto:audit-usr.sbin@FreeBSD.org">
|
||||
audit-<strong>usr.sbin</strong>@FreeBSD.org</a>.</P>
|
||||
|
||||
<TABLE cellpadding=2>
|
||||
<TR><TH>Key</TH> <TH>Auditor/Reviewer Name and Email address</TH>
|
||||
<TR><TD>ab</TD> <TD>Aaron Bornstein <a href="mailto:aaronb@j51.com">aaronb@j51.com</a></TD>
|
||||
<TR><TD>ac</TD> <TD>Adrian Chadd <a href="mailto:adrian@psinet.net.au">adrian@psinet.net.au</a></TD>
|
||||
<TR><TD>ak</TD> <TD>Adam Kubicki <a href="mailto:apk@itl.waw.pl">apk@itl.waw.pl</a></TD>
|
||||
<TR><TD>am</TD> <TD>Albert Mietus <a href="mailto:albert@gamp.hacom.nl">albert@gamp.hacom.nl</a></TD>
|
||||
<TR><TD>avk</TD> <TD>Alexander V. Kalganov <a href="mailto:top@sonic.cris.net">top@sonic.cris.net</a></TD>
|
||||
<TR><TD>bb</TD> <TD>Bob Bishop <a href="mailto:rb@gid.co.uk">rb@gid.co.uk</a></TD>
|
||||
<TR><TD>bob</TD> <TD>Bob Willcox <a href="mailto:bob@luke.pmr.com">bob@luke.pmr.com</a></TD>
|
||||
<TR><TD>btm</TD> <TD>Brian T. Michely <a href="mailto:brianm@cmhcsys.com">brianm@cmhcsys.com</a></TD>
|
||||
<TR><TD>cg</TD> <TD>Coranth Gryphon <a href="mailto:gryphon@healer.com">gryphon@healer.com</a></TD>
|
||||
<TR><TD>cl</TD> <TD>Chris Lambertus <a href="mailto:cmlambertus@ucdavis.edu">cmlambertus@ucdavis.edu</a></TD>
|
||||
<TR><TD>crh</TD> <TD>Charles Henrich <a href="mailto:henrich@crh.cl.msu.edu">henrich@crh.cl.msu.edu</a></TD>
|
||||
<TR><TD>dc</TD> <TD>Dan Cross <a href="mailto:tenser@spitfire.ecsel.psu.edu">tenser@spitfire.ecsel.psu.edu</a></TD>
|
||||
<TR><TD>dg*</TD> <TD>David Greenman <a href="mailto:davidg@FreeBSD.org">davidg@FreeBSD.org</a></TD>
|
||||
<TR><TD>din</TD> <TD>Dinesh Nair <a href="mailto:dinesh@alphaque.com">dinesh@alphaque.com</a></TD>
|
||||
<TR><TD>dn</TD> <TD>David Nugent <a href="mailto:davidn@labs.usn.blaze.net.au">davidn@labs.usn.blaze.net.au</a></TD>
|
||||
<TR><TD>dob*</TD> <TD>David E. O'Brien <a href="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</a></TD>
|
||||
<TR><TD>dz</TD> <TD>Danny J. Zerkel <a href="mailto:dzerkel@phofarm.com">dzerkel@phofarm.com</a></TD>
|
||||
<TR><TD>ee</TD> <TD>Eivind Eklund <a href="mailto:eivind@FreeBSD.org">eivind@FreeBSD.org</a></TD>
|
||||
<TR><TD>eh</TD> <TD>Elijah Hempstone <a href="mailto:avatar@gandalf.bss.sol.net">avatar@gandalf.bss.sol.net</a></TD>
|
||||
<TR><TD>eh</TD> <TD>Ernest Hua <a href="mailto:hua@chromatic.com">hua@chromatic.com</a></TD>
|
||||
<TR><TD>ejc</TD> <TD>Eric J. Chet <a href="mailto:ejc@gargoyle.bazzle.com">ejc@gargoyle.bazzle.com</a></TD>
|
||||
<TR><TD>gl</TD> <TD>Giles Lean <a href="mailto:giles@nemeton.com.au">giles@nemeton.com.au</a></TD>
|
||||
<TR><TD>gvr*</TD> <TD>Guido van Rooij <a href="mailto:guido@FreeBSD.org">guido@FreeBSD.org</a></TD>
|
||||
<TR><TD>gw</TD> <TD>Graham Wheeler <a href="mailto:gram@oms.co.za">gram@oms.co.za</a></TD>
|
||||
<TR><TD>imp*</TD> <TD>Warner Losh <a href="mailto:imp@FreeBSD.org">imp@FreeBSD.org</a></TD>
|
||||
<TR><TD>jb</TD> <TD>Jim Bresler <a href="mailto:jfb11@inlink.com">jfb11@inlink.com</a></TD>
|
||||
<TR><TD>jha</TD> <TD>John H. Aughey <a href="mailto:jha@cs.purdue.edu">jha@cs.purdue.edu</a></TD>
|
||||
<TR><TD>jk</TD> <TD>Jerry Kendall <a href="mailto:Jerry@kcis.com">Jerry@kcis.com</a></TD>
|
||||
<TR><TD>jkh*</TD> <TD>Jordan K. Hubbard <a href="mailto:jkh@FreeBSD.org">jkh@FreeBSD.org</a></TD>
|
||||
<TR><TD>jm</TD> <TD>Josef Moellers <a href="mailto:mollers.pad@sni.de">mollers.pad@sni.de</a></TD>
|
||||
<TR><TD>jmb*</TD> <TD>Jonathan M. Bresler <a href="mailto:jmb@FreeBSD.org">jmb@FreeBSD.org</a></TD>
|
||||
<TR><TD>joe*</TD> <TD>Joe Greco <a href="mailto:jgreco@solaria.sol.net">jgreco@solaria.sol.net</a></TD>
|
||||
<TR><TD>ki</TD> <TD>Kenneth Ingham <a href="mailto:ingham@i-pi.com">ingham@i-pi.com</a></TD>
|
||||
<TR><TD>ky*</TD> <TD>Kazutaka YOKOTA <a href="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">yokota@zodiac.mech.utsunomiya-u.ac.jp</a></TD>
|
||||
<TR><TD>marc</TD> <TD>Marc Slemko <a href="mailto:marcs@znep.com">marcs@znep.com</a></TD>
|
||||
<TR><TD>md</TD> <TD>Matt Dillon <a href="mailto:dillon@best.net">dillon@best.net</a></TD>
|
||||
<TR><TD>mr</TD> <TD>Mike Romaniw <a href="mailto:msr@cuc.com">msr@cuc.com</a></TD>
|
||||
<TR><TD>mrvm*</TD> <TD>Mark Murray <a href="mailto:mark@grondar.za">mark@grondar.za</a></TD>
|
||||
<TR><TD>or*</TD> <TD>Ollivier Robert <a href="mailto:roberto@keltia.freenix.fr">roberto@keltia.freenix.fr</a></TD>
|
||||
<TR><TD>pb</TD> <TD>Peter Blake <a href="mailto:ppb@baloo.tcp.co.uk">ppb@baloo.tcp.co.uk</a></TD>
|
||||
<TR><TD>peter*</TD> <TD>Peter Wemm <a href="mailto:peter@FreeBSD.org">peter@FreeBSD.org</a>
|
||||
<TR><TD>phk*</TD> <TD>Poul-Henning Kamp <a href="mailto:phk@FreeBSD.org">phk@FreeBSD.org</a></TD>
|
||||
<TR><TD>pst*</TD> <TD>Paul Traina <a href="mailto:pst@FreeBSD.org">pst@FreeBSD.org</a></TD>
|
||||
<TR><TD>rb</TD> <TD>Reinier Bezuidenhout <a href="mailto:rbezuide@oskar.nanoteq.co.za">rbezuide@oskar.nanoteq.co.za</a></TD>
|
||||
<TR><TD>rd</TD> <TD>Rajiv Dighe <a href="mailto:rajivd@sprynet.com">rajivd@sprynet.com</a></TD>
|
||||
<TR><TD>rel</TD> <TD>Roger Espel Llima <a href="mailto:espel@llaic.univ-bpclermont.fr">espel@llaic.univ-bpclermont.fr</a></TD>
|
||||
<TR><TD>rjk</TD> <TD>Richard J Kuhns <a href="mailto:rjk@grauel.com">rjk@grauel.com</a>
|
||||
<TR><TD>rm</TD> <TD>Robin Melville <a href="mailto:robmel@nadt.org.uk">robmel@nadt.org.uk</a></TD>
|
||||
<TR><TD>rs</TD> <TD>Robert Sexton <a href="mailto:robert@kudra.com">robert@kudra.com</a></TD>
|
||||
<TR><TD>sc</TD> <TD>Sergei Chechetkin <a href="mailto:csl@whale.sunbay.crimea.ua">csl@whale.sunbay.crimea.ua</a></TD>
|
||||
<TR><TD>tao</TD> <TD>Brian Tao <a href="mailto:taob@risc.org">taob@risc.org</a></TD>
|
||||
<TR><TD>tdr</TD> <TD>Thomas David Rivers <a href="mailto:ponds!rivers@dg-rtp.dg.com">ponds!rivers@dg-rtp.dg.com</a></TD>
|
||||
<TR><TD>witr</TD> <TD>Robert Withrow <a href="mailto:witr@rwwa.com">witr@rwwa.com</a></TD>
|
||||
<TR><TD>xaa</TD> <TD>Mark Huizer <a href="mailto:xaa@stack.nl">xaa@stack.nl</a></TD>
|
||||
<TABLE CELLPADDING="2"><TR><TH>Key</TH>
|
||||
<TH>Auditor/Reviewer Name and Email address</TH></TR>
|
||||
<TR><td>ab</TD>
|
||||
<TD>Aaron Bornstein <A HREF="mailto:aaronb@j51.com">
|
||||
aaronb@j51.com</A></TD></TR>
|
||||
<TR><td>ac</TD>
|
||||
<TD>Adrian Chadd <A HREF="mailto:adrian@psinet.net.au">
|
||||
adrian@psinet.net.au</A></TD></TR>
|
||||
<TR><td>ak</TD>
|
||||
<TD>Adam Kubicki <A HREF="mailto:apk@itl.waw.pl">
|
||||
apk@itl.waw.pl</A></TD></TR>
|
||||
<TR><td>am</TD>
|
||||
<TD>Albert Mietus <A HREF="mailto:albert@gamp.hacom.nl">
|
||||
albert@gamp.hacom.nl</A></TD></TR>
|
||||
<TR><td>avk</TD>
|
||||
<TD>Alexander V. Kalganov <A HREF="mailto:top@sonic.cris.net">
|
||||
top@sonic.cris.net</A></TD></TR>
|
||||
<TR><td>bb</TD>
|
||||
<TD>Bob Bishop <A HREF="mailto:rb@gid.co.uk">
|
||||
rb@gid.co.uk</A></TD></TR>
|
||||
<TR><td>bjn</TD>
|
||||
<TD>Brent J. Nordquist <A HREF="mailto:nordquist@platinum.com">
|
||||
nordquist@platinum.com</A></TD></TR>
|
||||
<TR><td>bob</TD>
|
||||
<TD>Bob Willcox <A HREF="mailto:bob@luke.pmr.com">
|
||||
bob@luke.pmr.com</A></TD></TR>
|
||||
<TR><td>btm</TD>
|
||||
<TD>Brian T. Michely <A HREF="mailto:brianm@cmhcsys.com">
|
||||
brianm@cmhcsys.com</A></TD></TR>
|
||||
<TR><td>cg</TD>
|
||||
<TD>Coranth Gryphon <A HREF="mailto:gryphon@healer.com">
|
||||
gryphon@healer.com</A></TD></TR>
|
||||
<TR><td>cl</TD>
|
||||
<TD>Chris Lambertus <A HREF="mailto:cmlambertus@ucdavis.edu">
|
||||
cmlambertus@ucdavis.edu</A></TD></TR>
|
||||
<TR><td>crh</TD>
|
||||
<TD>Charles Henrich <A HREF="mailto:henrich@crh.cl.msu.edu">
|
||||
henrich@crh.cl.msu.edu</A></TD></TR>
|
||||
<TR><td>dc</TD>
|
||||
<TD>Dan Cross <A HREF="mailto:tenser@spitfire.ecsel.psu.edu">
|
||||
tenser@spitfire.ecsel.psu.edu</A></TD></TR>
|
||||
<TR><td>dg*</TD>
|
||||
<TD>David Greenman <A HREF="mailto:davidg@FreeBSD.org">
|
||||
davidg@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>din</TD>
|
||||
<TD>Dinesh Nair <A HREF="mailto:dinesh@alphaque.com">
|
||||
dinesh@alphaque.com</A></TD></TR>
|
||||
<TR><td>dn</TD>
|
||||
<TD>David Nugent <A HREF="mailto:davidn@labs.usn.blaze.net.au">
|
||||
davidn@labs.usn.blaze.net.au</A></TD></TR>
|
||||
<TR><td>dob</TD>
|
||||
<TD>David E. O'Brien <A HREF="mailto:obrien@NUXI.com">
|
||||
obrien@NUXI.com</A></TD></TR>
|
||||
<TR><td>dz</TD>
|
||||
<TD>Danny J. Zerkel <A HREF="mailto:dzerkel@phofarm.com">
|
||||
dzerkel@phofarm.com</A></TD></TR>
|
||||
<TR><td>ee</TD>
|
||||
<TD>Eivind Eklund <A HREF="mailto:eivind@FreeBSD.org">
|
||||
eivind@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>eh</TD>
|
||||
<TD>Elijah Hempstone <A HREF="mailto:avatar@gandalf.bss.sol.net">
|
||||
avatar@gandalf.bss.sol.net</A></TD></TR>
|
||||
<TR><td>ehu</TD>
|
||||
<TD>Ernest Hua <A HREF="mailto:hua@chromatic.com">
|
||||
hua@chromatic.com</A></TD></TR>
|
||||
<TR><td>ejc</TD>
|
||||
<TD>Eric J. Chet <A HREF="mailto:ejc@gargoyle.bazzle.com">
|
||||
ejc@gargoyle.bazzle.com</A></TD></TR>
|
||||
<TR><td>gl</TD>
|
||||
<TD>Giles Lean <A HREF="mailto:giles@nemeton.com.au">
|
||||
giles@nemeton.com.au</A></TD></TR>
|
||||
<TR><td>gvr*</TD>
|
||||
<TD>Guido van Rooij <A HREF="mailto:guido@FreeBSD.org">
|
||||
guido@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>gw</TD>
|
||||
<TD>Graham Wheeler <A HREF="mailto:gram@oms.co.za">
|
||||
gram@oms.co.za</A></TD></TR>
|
||||
<TR><td>imp*</TD>
|
||||
<TD>Warner Losh <A HREF="mailto:imp@FreeBSD.org">
|
||||
imp@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>jb</TD>
|
||||
<TD>Jim Bresler <A HREF="mailto:jfb11@inlink.com">
|
||||
jfb11@inlink.com</A></TD></TR>
|
||||
<TR><td>jh</TD>
|
||||
<TD>Jake Hamby <A HREF="mailto:jehamby@lightside.com">
|
||||
jehamby@lightside.com</A></TD></TR>
|
||||
<TR><td>jha</TD>
|
||||
<TD>John H. Aughey <A HREF="mailto:jha@cs.purdue.edu">
|
||||
jha@cs.purdue.edu</A></TD></TR>
|
||||
<TR><td>jk</TD>
|
||||
<TD>Jerry Kendall <A HREF="mailto:Jerry@kcis.com">
|
||||
Jerry@kcis.com</A></TD></TR>
|
||||
<TR><td>jkh*</TD>
|
||||
<TD>Jordan K. Hubbard <A HREF="mailto:jkh@FreeBSD.org">
|
||||
jkh@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>jm</TD>
|
||||
<TD>Josef Moellers <A HREF="mailto:mollers.pad@sni.de">
|
||||
mollers.pad@sni.de</A></TD></TR>
|
||||
<TR><td>jmb*</TD>
|
||||
<TD>Jonathan M. Bresler <A HREF="mailto:jmb@FreeBSD.org">
|
||||
jmb@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>joe*</TD>
|
||||
<TD>Joe Greco <A HREF="mailto:jgreco@solaria.sol.net">
|
||||
jgreco@solaria.sol.net</A></TD></TR>
|
||||
<TR><td>ka</TD>
|
||||
<TD>Kalganov Alexander <A HREF="mailto:top@bird.cris.net">
|
||||
top@bird.cris.net</A></TD></TR>
|
||||
<TR><td>ki</TD>
|
||||
<TD>Kenneth Ingham <A HREF="mailto:ingham@i-pi.com">
|
||||
ingham@i-pi.com</A></TD></TR>
|
||||
<TR><td>ky*</TD>
|
||||
<TD>Kazutaka YOKOTA <A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">
|
||||
yokota@zodiac.mech.utsunomiya-u.ac.jp</A></TD></TR>
|
||||
<TR><td>marc</TD>
|
||||
<TD>Marc Slemko <A HREF="mailto:marcs@znep.com">
|
||||
marcs@znep.com</A></TD></TR>
|
||||
<TR><td>md</TD>
|
||||
<TD>Matt Dillon <A HREF="mailto:dillon@best.net">
|
||||
dillon@best.net</A></TD></TR>
|
||||
<TR><td>mr</TD>
|
||||
<TD>Mike Romaniw <A HREF="mailto:msr@cuc.com">
|
||||
msr@cuc.com</A></TD></TR>
|
||||
<TR><td>mrvm*</TD>
|
||||
<TD>Mark Murray <A HREF="mailto:mark@grondar.za">
|
||||
mark@grondar.za</A></TD></TR>
|
||||
<TR><td>mu</TD>
|
||||
<TD>Mudge <A HREF="mailto:mudge@l0pht.com">
|
||||
mudge@l0pht.com</A></TD></TR>
|
||||
<TR><td>or*</TD>
|
||||
<TD>Ollivier Robert <A HREF="mailto:roberto@keltia.freenix.fr">
|
||||
roberto@keltia.freenix.fr</A></TD></TR>
|
||||
<TR><td>pb</TD>
|
||||
<TD>Peter Blake <A HREF="mailto:ppb@baloo.tcp.co.uk">
|
||||
ppb@baloo.tcp.co.uk</A></TD></TR>
|
||||
<TR><td>peter*</TD>
|
||||
<TD>Peter Wemm <A HREF="mailto:peter@FreeBSD.org">
|
||||
peter@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>phk*</TD>
|
||||
<TD>Poul-Henning Kamp <A HREF="mailto:phk@FreeBSD.org">
|
||||
phk@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>pst*</TD>
|
||||
<TD>Paul Traina <A HREF="mailto:pst@FreeBSD.org">
|
||||
pst@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>rb</TD>
|
||||
<TD>Reinier Bezuidenhout <A HREF="mailto:rbezuide@oskar.nanoteq.co.za">
|
||||
rbezuide@oskar.nanoteq.co.za</A></TD></TR>
|
||||
<TR><td>rd</TD>
|
||||
<TD>Rajiv Dighe <A HREF="mailto:rajivd@sprynet.com">
|
||||
rajivd@sprynet.com</A></TD></TR>
|
||||
<TR><td>rel</TD>
|
||||
<TD>Roger Espel Llima <A HREF="mailto:espel@llaic.univ-bpclermont.fr">
|
||||
espel@llaic.univ-bpclermont.fr</A></TD></TR>
|
||||
<TR><td>rjk</TD>
|
||||
<TD>Richard J Kuhns <A HREF="mailto:rjk@grauel.com">
|
||||
rjk@grauel.com</A></TD></TR>
|
||||
<TR><td>rm</TD>
|
||||
<TD>Robin Melville <A HREF="mailto:robmel@nadt.org.uk">
|
||||
robmel@nadt.org.uk</A></TD></TR>
|
||||
<TR><td>rs</TD>
|
||||
<TD>Robert Sexton <A HREF="mailto:robert@kudra.com">
|
||||
robert@kudra.com</A></TD></TR>
|
||||
<TR><td>sc</TD>
|
||||
<TD>Sergei Chechetkin <A HREF="mailto:csl@whale.sunbay.crimea.ua">
|
||||
csl@whale.sunbay.crimea.ua</A></TD></TR>
|
||||
<TR><td>tao</TD>
|
||||
<TD>Brian Tao <A HREF="mailto:taob@risc.org">
|
||||
taob@risc.org</A></TD></TR>
|
||||
<TR><td>tdr</TD>
|
||||
<TD>Thomas David Rivers <A HREF="mailto:ponds!rivers@dg-rtp.dg.com">
|
||||
ponds!rivers@dg-rtp.dg.com</A></TD></TR>
|
||||
<TR><td>vk</TD>
|
||||
<TD>Vadim Kolontsov <A HREF="mailto:vadim@tversu.ac.ru">
|
||||
vadim@tversu.ac.ru</A></TD></TR>
|
||||
<TR><td>witr</TD>
|
||||
<TD>Robert Withrow <A HREF="mailto:witr@rwwa.com">
|
||||
witr@rwwa.com</A></TD></TR>
|
||||
<TR><td>xaa</TD>
|
||||
<TD>Mark Huizer <A HREF="mailto:xaa@stack.nl">
|
||||
xaa@stack.nl</A></TD></TR>
|
||||
</TABLE>
|
||||
|
||||
<h3>* = Has CVS commit privileges.</h3>
|
||||
<H3>* = Has CVS commit privileges.</H3>
|
||||
|
||||
&footer;
|
||||
</BODY>
|
||||
|
|
|
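Review bot: the `dob` row loses its asterisk. The removed row is `dob*` with obrien@FreeBSD.org and the added one is `dob` with obrien@NUXI.com, so the key no longer agrees with the "* = Has CVS commit privileges" legend under the table. Please confirm the roster the script reads carries the commit flag for this entry. The new `ka` entry (Kalganov Alexander, top@bird.cris.net) also sits beside the retained `avk` entry (Alexander V. Kalganov, top@sonic.cris.net) and looks like one person under two keys. As a style point, the generated rows open the key cell with `<td>` and close it with `</TD>`; use one case throughout.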
@ -1,5 +1,5 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
|
||||
<!ENTITY date "$Date: 1997-02-15 13:28:51 $">
|
||||
<!ENTITY date "$Date: 1997-02-19 13:49:11 $">
|
||||
<!ENTITY title "FreeBSD Security Guide">
|
||||
<!ENTITY % includes SYSTEM "includes.sgml"> %includes;
|
||||
]>
|
||||
|
@ -14,7 +14,7 @@
|
|||
|
||||
<H1>FreeBSD Security Guide</H1>
|
||||
|
||||
<em>Last Updated: $Date: 1997-02-15 13:28:51 $ </em>
|
||||
<em>Last Updated: $Date: 1997-02-19 13:49:11 $ </em>
|
||||
|
||||
<P>This guide attempts to document some of the tips and tricks used by
|
||||
many FreeBSD security experts for securing systems and writing secure
|
||||
|
@ -24,16 +24,20 @@ if and when they should happen. It also lists the various ways in which
|
|||
the systems programmer can become more security conscious and less likely
|
||||
to introduce security holes in the first place.
|
||||
|
||||
<p>We welcome your comments on the contents and correctness of this page.
|
||||
Please send email to <a href="mailto:security-officer@freebsd.org">the
|
||||
FreeBSD Security Officers</a> if you have changes you'd like to see here.
|
||||
|
||||
<H2>How to secure a FreeBSD system:</H2>
|
||||
|
||||
<UL>
|
||||
<LI>This section needs to be written.
|
||||
<LI>XXX This section needs to be written.
|
||||
</UL>
|
||||
|
||||
<H2>How to recover from a security compromise </H2>
|
||||
|
||||
<UL>
|
||||
<LI>This section also needs to be written.
|
||||
<LI>XXX This section also needs to be written.
|
||||
</UL>
|
||||
|
||||
<H2>Security Do's and Don'ts for Programmers:</H2>
|
||||
|
@ -50,8 +54,18 @@ to introduce security holes in the first place.
|
|||
<LI><A NAME="#rule1_1"></A>strcpy() and sprintf() calls from
|
||||
unbounded data. Use strncpy() and snprintf() when the length is known
|
||||
(or implement some other form of bounds-checking when it's not).
|
||||
In fact, never use gets(3) or sprintf(3), period.
|
||||
|
||||
<P><LI><A NAME="#rule1_2"></A>Watch for strvis() and getenv() abuse.
|
||||
<P><LI><A NAME="#rule1_2"></A>Watch for strvis(3) and getenv(3) abuse.
|
||||
strvis() is easy to get the destination string wrong for, and getenv()
|
||||
can return strings much longer than the user might expect - they are
|
||||
one of the key ways an attack is often made on a program, causing it
|
||||
to overwrite stack or variables by setting its environment variables
|
||||
to unexpected values. If your program reads environment variables,
|
||||
be paranoid!
|
||||
|
||||
<P><LI>Every time you see an open(2) or stat(2) call, ask yourself, "What
|
||||
if it's a symbolic link?"
|
||||
|
||||
<P><LI><A NAME="#rule1_3"></A>All uses of mktemp(), tempnam(), mkstemp(),
|
||||
etc.; make sure that they use mkstemp() instead. Also look for races in
|
||||
|
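Review bot: the added strvis(3)/getenv(3) text says the strvis() destination "is easy to get wrong" but never states the rule an auditor should check against. Suggest adding that the destination must hold four times the source length plus one byte for the NUL, and that the result of getenv() must be length-checked before it is copied into any fixed-size buffer. In the same item, "they are one of the key ways" has no clear antecedent; "environment variables are one of the key ways" reads better. The new open(2)/stat(2) item asks "What if it's a symbolic link?" without saying what to do about it; one sentence on checking with lstat(2), or on fstat(2) of the already opened descriptor, would make it actionable.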
@ -61,6 +75,9 @@ to introduce security holes in the first place.
|
|||
<LI>Creating a directory. This will either succeed or fail.
|
||||
<LI>Opening a file O_CREAT | O_EXCL
|
||||
</UL>
|
||||
mkstemp(3) properly handles this for you, so all temp files should
|
||||
use mkstemp to guarantee there's no race and that the permissions
|
||||
are right.
|
||||
|
||||
<P><LI><A NAME="#rule1_4"></A>If an attacker can force packets to go/come
|
||||
from another arbitrary system then that hacker has complete control
|
||||
|
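Review bot: the added mkstemp(3) paragraph promises "there's no race", but that only holds if the caller keeps using the descriptor mkstemp() returns. Code that takes the generated name and opens it again by path reintroduces the race this item warns about. Suggest adding a sentence saying so, and writing the second mention as mkstemp(3) to match the first.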
@ -144,6 +161,32 @@ to introduce security holes in the first place.
|
|||
|
||||
<P><LI><A NAME="#rule6"></A>Pay special attention to realloc() usage - more
|
||||
often than not, it's not done correctly.
|
||||
|
||||
<P><LI>When using fixed-size buffers, use sizeof() to prevent lossage when
|
||||
a buffer size is changed but the code which uses it isn't. For example:
|
||||
<LISTING>
|
||||
char buf[1024];
|
||||
struct foo { ... };
|
||||
...
|
||||
BAD:
|
||||
xxx(buf, 1024)
|
||||
xxx(yyy, sizeof(struct foo))
|
||||
GOOD:
|
||||
xxx(buf, sizeof(buf))
|
||||
xxx(yyy, sizeof(yyy))
|
||||
</LISTING>
|
||||
|
||||
<P><LI>Every time you see "char foo[###]", check every usage of foo to
|
||||
make sure it can't be overflowed. If you can't avoid overflow
|
||||
(and cases of this have been seen) then at least malloc the buffer
|
||||
so you can't walk on the stack.
|
||||
|
||||
<P><LI>Always close file descriptors as soon as you can -- this makes it
|
||||
more likely that the stdio buffer contents will be discarded. In
|
||||
library routines, always set any file descriptors that you open to
|
||||
close-on-exec.
|
||||
|
||||
<P>
|
||||
</UL>
|
||||
|
||||
&footer;
|
||||
|
|
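Review bot: in the GOOD half of the listing, `xxx(yyy, sizeof(yyy))` is only right when yyy is itself a struct foo object. The listing declares `struct foo { ... };` but never declares yyy, and if yyy is a pointer to struct foo then sizeof(yyy) is the size of the pointer, not of the structure. Suggest declaring yyy in the example, or showing `sizeof(*yyy)` for the pointer case. In the following item, "at least malloc the buffer so you can't walk on the stack" should say that the overflow still has to be fixed, since moving the buffer to the heap only changes what gets overwritten. In the last item, closing a file descriptor and discarding stdio buffer contents are different things; say whether close(2) or fclose(3) is meant.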
386
en/auditors.sgml
|
@ -1,5 +1,5 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
|
||||
<!ENTITY date "$Date: 1997-02-18 01:04:17 $">
|
||||
<!ENTITY date "$Date: 1997-02-19 13:49:10 $">
|
||||
<!ENTITY title "FreeBSD Auditing Project">
|
||||
<!ENTITY % includes SYSTEM "includes.sgml"> %includes;
|
||||
]>
|
||||
|
@ -14,7 +14,7 @@
|
|||
|
||||
<H1>General Information</H1>
|
||||
|
||||
<em>Last Updated: $Date: 1997-02-18 01:04:17 $ </em>
|
||||
<em>Last Updated: $Date: 1997-02-19 13:49:10 $ </em>
|
||||
|
||||
<H2>Overview</H2>
|
||||
|
||||
|
@ -84,9 +84,11 @@ into the <strong>2.1</strong> and <strong>2.2</strong> branches.
|
|||
complex that I have turned it into a <a href="security.html">FreeBSD
|
||||
Security Guide</a>. Please read this now if you haven't already.
|
||||
|
||||
Another excellent document is the <a
|
||||
Other excellent documents are the <a
|
||||
href="ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist">
|
||||
Secure Programming Checklist</a>, available from AUSCERT.
|
||||
Secure Programming Checklist</a> and the <a
|
||||
href="ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist">
|
||||
Unix Security Checklist</a>, both available from AUSCERT.
|
||||
|
||||
<H2>Sign-Up sheet:</H2>
|
||||
|
||||
|
@ -109,24 +111,126 @@ auditors will be assuming that the other 10 items are handled!</P>
|
|||
To sign up for something, please send mail to <a
|
||||
href="mailto:jkh@FreeBSD.org"> jkh@FreeBSD.org</a>.
|
||||
|
||||
<P>
|
||||
<TABLE border=2 cellpadding=3>
|
||||
<TR><TH>Module</TH> <TH>Auditor(s)</TH> <TH>Reviewer(s)</TH> <TH>Status</TH>
|
||||
<TR><TD>lib</TD> <TD>pst,ak</TD> <TD>jkh,dg,gvr,imp</TD> <TD>gvr</TD>
|
||||
<TR><TD>libc</TD> <TD>ee</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>libdisk</TD> <TD>open</TD> <TD>phk,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>libexec</TD> <TD>imp,crh,ee,witr</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>telnetd</TD> <TD>ac,dn</TD> <TD>imp,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>bin</TD> <TD>ac,gvr,ee</TD> <TD>imp,md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>sbin</TD> <TD>taob,imp,ee,or</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>usr.sbin</TD> <TD>imp,rd,marc,ee,ejc,jm</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>usr.bin</TD> <TD>rb,rjk,rd,jha,ee,ky,bob,jm</TD> <TD>md,gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>eBones</TD> <TD>mrvm</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>secure</TD> <TD>mrvm,dc</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>games</TD> <TD>xaa,ab,ee</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>lkm</TD> <TD>dob</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>release</TD> <TD>open</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<TR><TD>contrib</TD> <TD>cg</TD> <TD>gvr</TD> <TD>Open</TD>
|
||||
<P></P><TABLE BORDER="2" CELLPADDING="3">
|
||||
<TR><TH>Module</TH><TH>Auditor(s)</TH><TH>Reviewer(s)</TH>
|
||||
<TH>Status</TH></TR>
|
||||
<TR><TD><A HREF="mailto:audit-bin@FreeBSD.ORG">bin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:adrian@psinet.net.au">ac</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:guido@FreeBSD.org">gvr*</A>
|
||||
<A HREF="mailto:jehamby@lightside.com">jh</A>
|
||||
<A HREF="mailto:top@bird.cris.net">ka</A>
|
||||
<A HREF="mailto:mudge@l0pht.com">mu</A>
|
||||
<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-contrib@FreeBSD.ORG">contrib</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:gryphon@healer.com">cg</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-eBones@FreeBSD.ORG">eBones</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:mark@grondar.za">mrvm*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-games@FreeBSD.ORG">games</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:aaronb@j51.com">ab</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:xaa@stack.nl">xaa</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-init@FreeBSD.ORG">init</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:giles@nemeton.com.au">gl</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-lib@FreeBSD.ORG">lib</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:apk@itl.waw.pl">ak</A>
|
||||
<A HREF="mailto:nordquist@platinum.com">bjn</A>
|
||||
<A HREF="mailto:pst@FreeBSD.org">pst*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:davidg@FreeBSD.org">dg*</A> <A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:jkh@FreeBSD.org">jkh*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-libc@FreeBSD.ORG">libc</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:mudge@l0pht.com">mu</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-libexec@FreeBSD.ORG">libexec</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:henrich@crh.cl.msu.edu">crh</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:witr@rwwa.com">witr</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-lkm@FreeBSD.ORG">lkm</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:obrien@NUXI.com">dob</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-sbin@FreeBSD.ORG">sbin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:roberto@keltia.freenix.fr">or*</A>
|
||||
<A HREF="mailto:taob@risc.org">tao</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-secure@FreeBSD.ORG">secure</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:tenser@spitfire.ecsel.psu.edu">dc</A>
|
||||
<A HREF="mailto:mark@grondar.za">mrvm*</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-telnetd@FreeBSD.ORG">telnetd</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:adrian@psinet.net.au">ac</A>
|
||||
<A HREF="mailto:davidn@labs.usn.blaze.net.au">dn</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-usr.bin@FreeBSD.ORG">usr.bin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:bob@luke.pmr.com">bob</A>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:jha@cs.purdue.edu">jha</A>
|
||||
<A HREF="mailto:mollers.pad@sni.de">jm</A>
|
||||
<A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">ky*</A>
|
||||
<A HREF="mailto:rbezuide@oskar.nanoteq.co.za">rb</A>
|
||||
<A HREF="mailto:rajivd@sprynet.com">rd</A>
|
||||
<A HREF="mailto:rjk@grauel.com">rjk</A>
|
||||
<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
<TR><TD><A HREF="mailto:audit-usr.sbin@FreeBSD.ORG">usr.sbin</A></TD>
|
||||
<TD>
|
||||
<A HREF="mailto:eivind@FreeBSD.org">ee</A>
|
||||
<A HREF="mailto:ejc@gargoyle.bazzle.com">ejc</A>
|
||||
<A HREF="mailto:giles@nemeton.com.au">gl</A>
|
||||
<A HREF="mailto:imp@FreeBSD.org">imp*</A>
|
||||
<A HREF="mailto:mollers.pad@sni.de">jm</A>
|
||||
<A HREF="mailto:marcs@znep.com">marc</A>
|
||||
<A HREF="mailto:rajivd@sprynet.com">rd</A>
|
||||
</TD>
|
||||
<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
|
||||
<TD>Open</TD>
|
||||
</TABLE>
|
||||
|
||||
<H2>Auditor/Reviewer keys</H2>
|
||||
|
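Review bot: in the reviewer column every link to gvr is emitted as `mailto: guido@FreeBSD.org`, with a space after the colon (bin, contrib, eBones and every other row), while the auditor links and the other reviewer links (imp, md, dg, jkh) have none. Since the point of the generated table is click-to-mail, fix the generator so the address follows `mailto:` directly. The rows here are also opened with `<TR>` and never closed, whereas the regenerated key table closes each row with `</TR>`; pick one form for both tables.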
@ -141,65 +245,187 @@ reach just the auditors & reviewers for a specific category, say
|
|||
<a href="mailto:audit-usr.sbin@FreeBSD.org">
|
||||
audit-<strong>usr.sbin</strong>@FreeBSD.org</a>.</P>
|
||||
|
||||
<TABLE cellpadding=2>
|
||||
<TR><TH>Key</TH> <TH>Auditor/Reviewer Name and Email address</TH>
|
||||
<TR><TD>ab</TD> <TD>Aaron Bornstein <a href="mailto:aaronb@j51.com">aaronb@j51.com</a></TD>
|
||||
<TR><TD>ac</TD> <TD>Adrian Chadd <a href="mailto:adrian@psinet.net.au">adrian@psinet.net.au</a></TD>
|
||||
<TR><TD>ak</TD> <TD>Adam Kubicki <a href="mailto:apk@itl.waw.pl">apk@itl.waw.pl</a></TD>
|
||||
<TR><TD>am</TD> <TD>Albert Mietus <a href="mailto:albert@gamp.hacom.nl">albert@gamp.hacom.nl</a></TD>
|
||||
<TR><TD>avk</TD> <TD>Alexander V. Kalganov <a href="mailto:top@sonic.cris.net">top@sonic.cris.net</a></TD>
|
||||
<TR><TD>bb</TD> <TD>Bob Bishop <a href="mailto:rb@gid.co.uk">rb@gid.co.uk</a></TD>
|
||||
<TR><TD>bob</TD> <TD>Bob Willcox <a href="mailto:bob@luke.pmr.com">bob@luke.pmr.com</a></TD>
|
||||
<TR><TD>btm</TD> <TD>Brian T. Michely <a href="mailto:brianm@cmhcsys.com">brianm@cmhcsys.com</a></TD>
|
||||
<TR><TD>cg</TD> <TD>Coranth Gryphon <a href="mailto:gryphon@healer.com">gryphon@healer.com</a></TD>
|
||||
<TR><TD>cl</TD> <TD>Chris Lambertus <a href="mailto:cmlambertus@ucdavis.edu">cmlambertus@ucdavis.edu</a></TD>
|
||||
<TR><TD>crh</TD> <TD>Charles Henrich <a href="mailto:henrich@crh.cl.msu.edu">henrich@crh.cl.msu.edu</a></TD>
|
||||
<TR><TD>dc</TD> <TD>Dan Cross <a href="mailto:tenser@spitfire.ecsel.psu.edu">tenser@spitfire.ecsel.psu.edu</a></TD>
|
||||
<TR><TD>dg*</TD> <TD>David Greenman <a href="mailto:davidg@FreeBSD.org">davidg@FreeBSD.org</a></TD>
|
||||
<TR><TD>din</TD> <TD>Dinesh Nair <a href="mailto:dinesh@alphaque.com">dinesh@alphaque.com</a></TD>
|
||||
<TR><TD>dn</TD> <TD>David Nugent <a href="mailto:davidn@labs.usn.blaze.net.au">davidn@labs.usn.blaze.net.au</a></TD>
|
||||
<TR><TD>dob*</TD> <TD>David E. O'Brien <a href="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</a></TD>
|
||||
<TR><TD>dz</TD> <TD>Danny J. Zerkel <a href="mailto:dzerkel@phofarm.com">dzerkel@phofarm.com</a></TD>
|
||||
<TR><TD>ee</TD> <TD>Eivind Eklund <a href="mailto:eivind@FreeBSD.org">eivind@FreeBSD.org</a></TD>
|
||||
<TR><TD>eh</TD> <TD>Elijah Hempstone <a href="mailto:avatar@gandalf.bss.sol.net">avatar@gandalf.bss.sol.net</a></TD>
|
||||
<TR><TD>eh</TD> <TD>Ernest Hua <a href="mailto:hua@chromatic.com">hua@chromatic.com</a></TD>
|
||||
<TR><TD>ejc</TD> <TD>Eric J. Chet <a href="mailto:ejc@gargoyle.bazzle.com">ejc@gargoyle.bazzle.com</a></TD>
|
||||
<TR><TD>gl</TD> <TD>Giles Lean <a href="mailto:giles@nemeton.com.au">giles@nemeton.com.au</a></TD>
|
||||
<TR><TD>gvr*</TD> <TD>Guido van Rooij <a href="mailto:guido@FreeBSD.org">guido@FreeBSD.org</a></TD>
|
||||
<TR><TD>gw</TD> <TD>Graham Wheeler <a href="mailto:gram@oms.co.za">gram@oms.co.za</a></TD>
|
||||
<TR><TD>imp*</TD> <TD>Warner Losh <a href="mailto:imp@FreeBSD.org">imp@FreeBSD.org</a></TD>
|
||||
<TR><TD>jb</TD> <TD>Jim Bresler <a href="mailto:jfb11@inlink.com">jfb11@inlink.com</a></TD>
|
||||
<TR><TD>jha</TD> <TD>John H. Aughey <a href="mailto:jha@cs.purdue.edu">jha@cs.purdue.edu</a></TD>
|
||||
<TR><TD>jk</TD> <TD>Jerry Kendall <a href="mailto:Jerry@kcis.com">Jerry@kcis.com</a></TD>
|
||||
<TR><TD>jkh*</TD> <TD>Jordan K. Hubbard <a href="mailto:jkh@FreeBSD.org">jkh@FreeBSD.org</a></TD>
|
||||
<TR><TD>jm</TD> <TD>Josef Moellers <a href="mailto:mollers.pad@sni.de">mollers.pad@sni.de</a></TD>
|
||||
<TR><TD>jmb*</TD> <TD>Jonathan M. Bresler <a href="mailto:jmb@FreeBSD.org">jmb@FreeBSD.org</a></TD>
|
||||
<TR><TD>joe*</TD> <TD>Joe Greco <a href="mailto:jgreco@solaria.sol.net">jgreco@solaria.sol.net</a></TD>
|
||||
<TR><TD>ki</TD> <TD>Kenneth Ingham <a href="mailto:ingham@i-pi.com">ingham@i-pi.com</a></TD>
|
||||
<TR><TD>ky*</TD> <TD>Kazutaka YOKOTA <a href="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">yokota@zodiac.mech.utsunomiya-u.ac.jp</a></TD>
|
||||
<TR><TD>marc</TD> <TD>Marc Slemko <a href="mailto:marcs@znep.com">marcs@znep.com</a></TD>
|
||||
<TR><TD>md</TD> <TD>Matt Dillon <a href="mailto:dillon@best.net">dillon@best.net</a></TD>
|
||||
<TR><TD>mr</TD> <TD>Mike Romaniw <a href="mailto:msr@cuc.com">msr@cuc.com</a></TD>
|
||||
<TR><TD>mrvm*</TD> <TD>Mark Murray <a href="mailto:mark@grondar.za">mark@grondar.za</a></TD>
|
||||
<TR><TD>or*</TD> <TD>Ollivier Robert <a href="mailto:roberto@keltia.freenix.fr">roberto@keltia.freenix.fr</a></TD>
|
||||
<TR><TD>pb</TD> <TD>Peter Blake <a href="mailto:ppb@baloo.tcp.co.uk">ppb@baloo.tcp.co.uk</a></TD>
|
||||
<TR><TD>peter*</TD> <TD>Peter Wemm <a href="mailto:peter@FreeBSD.org">peter@FreeBSD.org</a>
|
||||
<TR><TD>phk*</TD> <TD>Poul-Henning Kamp <a href="mailto:phk@FreeBSD.org">phk@FreeBSD.org</a></TD>
|
||||
<TR><TD>pst*</TD> <TD>Paul Traina <a href="mailto:pst@FreeBSD.org">pst@FreeBSD.org</a></TD>
|
||||
<TR><TD>rb</TD> <TD>Reinier Bezuidenhout <a href="mailto:rbezuide@oskar.nanoteq.co.za">rbezuide@oskar.nanoteq.co.za</a></TD>
|
||||
<TR><TD>rd</TD> <TD>Rajiv Dighe <a href="mailto:rajivd@sprynet.com">rajivd@sprynet.com</a></TD>
|
||||
<TR><TD>rel</TD> <TD>Roger Espel Llima <a href="mailto:espel@llaic.univ-bpclermont.fr">espel@llaic.univ-bpclermont.fr</a></TD>
|
||||
<TR><TD>rjk</TD> <TD>Richard J Kuhns <a href="mailto:rjk@grauel.com">rjk@grauel.com</a>
|
||||
<TR><TD>rm</TD> <TD>Robin Melville <a href="mailto:robmel@nadt.org.uk">robmel@nadt.org.uk</a></TD>
|
||||
<TR><TD>rs</TD> <TD>Robert Sexton <a href="mailto:robert@kudra.com">robert@kudra.com</a></TD>
|
||||
<TR><TD>sc</TD> <TD>Sergei Chechetkin <a href="mailto:csl@whale.sunbay.crimea.ua">csl@whale.sunbay.crimea.ua</a></TD>
|
||||
<TR><TD>tao</TD> <TD>Brian Tao <a href="mailto:taob@risc.org">taob@risc.org</a></TD>
|
||||
<TR><TD>tdr</TD> <TD>Thomas David Rivers <a href="mailto:ponds!rivers@dg-rtp.dg.com">ponds!rivers@dg-rtp.dg.com</a></TD>
|
||||
<TR><TD>witr</TD> <TD>Robert Withrow <a href="mailto:witr@rwwa.com">witr@rwwa.com</a></TD>
|
||||
<TR><TD>xaa</TD> <TD>Mark Huizer <a href="mailto:xaa@stack.nl">xaa@stack.nl</a></TD>
|
||||
<TABLE CELLPADDING="2"><TR><TH>Key</TH>
|
||||
<TH>Auditor/Reviewer Name and Email address</TH></TR>
|
||||
<TR><td>ab</TD>
|
||||
<TD>Aaron Bornstein <A HREF="mailto:aaronb@j51.com">
|
||||
aaronb@j51.com</A></TD></TR>
|
||||
<TR><td>ac</TD>
|
||||
<TD>Adrian Chadd <A HREF="mailto:adrian@psinet.net.au">
|
||||
adrian@psinet.net.au</A></TD></TR>
|
||||
<TR><td>ak</TD>
|
||||
<TD>Adam Kubicki <A HREF="mailto:apk@itl.waw.pl">
|
||||
apk@itl.waw.pl</A></TD></TR>
|
||||
<TR><td>am</TD>
|
||||
<TD>Albert Mietus <A HREF="mailto:albert@gamp.hacom.nl">
|
||||
albert@gamp.hacom.nl</A></TD></TR>
|
||||
<TR><td>avk</TD>
|
||||
<TD>Alexander V. Kalganov <A HREF="mailto:top@sonic.cris.net">
|
||||
top@sonic.cris.net</A></TD></TR>
|
||||
<TR><td>bb</TD>
|
||||
<TD>Bob Bishop <A HREF="mailto:rb@gid.co.uk">
|
||||
rb@gid.co.uk</A></TD></TR>
|
||||
<TR><td>bjn</TD>
|
||||
<TD>Brent J. Nordquist <A HREF="mailto:nordquist@platinum.com">
|
||||
nordquist@platinum.com</A></TD></TR>
|
||||
<TR><td>bob</TD>
|
||||
<TD>Bob Willcox <A HREF="mailto:bob@luke.pmr.com">
|
||||
bob@luke.pmr.com</A></TD></TR>
|
||||
<TR><td>btm</TD>
|
||||
<TD>Brian T. Michely <A HREF="mailto:brianm@cmhcsys.com">
|
||||
brianm@cmhcsys.com</A></TD></TR>
|
||||
<TR><td>cg</TD>
|
||||
<TD>Coranth Gryphon <A HREF="mailto:gryphon@healer.com">
|
||||
gryphon@healer.com</A></TD></TR>
|
||||
<TR><td>cl</TD>
|
||||
<TD>Chris Lambertus <A HREF="mailto:cmlambertus@ucdavis.edu">
|
||||
cmlambertus@ucdavis.edu</A></TD></TR>
|
||||
<TR><td>crh</TD>
|
||||
<TD>Charles Henrich <A HREF="mailto:henrich@crh.cl.msu.edu">
|
||||
henrich@crh.cl.msu.edu</A></TD></TR>
|
||||
<TR><td>dc</TD>
|
||||
<TD>Dan Cross <A HREF="mailto:tenser@spitfire.ecsel.psu.edu">
|
||||
tenser@spitfire.ecsel.psu.edu</A></TD></TR>
|
||||
<TR><td>dg*</TD>
|
||||
<TD>David Greenman <A HREF="mailto:davidg@FreeBSD.org">
|
||||
davidg@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>din</TD>
|
||||
<TD>Dinesh Nair <A HREF="mailto:dinesh@alphaque.com">
|
||||
dinesh@alphaque.com</A></TD></TR>
|
||||
<TR><td>dn</TD>
|
||||
<TD>David Nugent <A HREF="mailto:davidn@labs.usn.blaze.net.au">
|
||||
davidn@labs.usn.blaze.net.au</A></TD></TR>
|
||||
<TR><td>dob</TD>
|
||||
<TD>David E. O'Brien <A HREF="mailto:obrien@NUXI.com">
|
||||
obrien@NUXI.com</A></TD></TR>
|
||||
<TR><td>dz</TD>
|
||||
<TD>Danny J. Zerkel <A HREF="mailto:dzerkel@phofarm.com">
|
||||
dzerkel@phofarm.com</A></TD></TR>
|
||||
<TR><td>ee</TD>
|
||||
<TD>Eivind Eklund <A HREF="mailto:eivind@FreeBSD.org">
|
||||
eivind@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>eh</TD>
|
||||
<TD>Elijah Hempstone <A HREF="mailto:avatar@gandalf.bss.sol.net">
|
||||
avatar@gandalf.bss.sol.net</A></TD></TR>
|
||||
<TR><td>ehu</TD>
|
||||
<TD>Ernest Hua <A HREF="mailto:hua@chromatic.com">
|
||||
hua@chromatic.com</A></TD></TR>
|
||||
<TR><td>ejc</TD>
|
||||
<TD>Eric J. Chet <A HREF="mailto:ejc@gargoyle.bazzle.com">
|
||||
ejc@gargoyle.bazzle.com</A></TD></TR>
|
||||
<TR><td>gl</TD>
|
||||
<TD>Giles Lean <A HREF="mailto:giles@nemeton.com.au">
|
||||
giles@nemeton.com.au</A></TD></TR>
|
||||
<TR><td>gvr*</TD>
|
||||
<TD>Guido van Rooij <A HREF="mailto:guido@FreeBSD.org">
|
||||
guido@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>gw</TD>
|
||||
<TD>Graham Wheeler <A HREF="mailto:gram@oms.co.za">
|
||||
gram@oms.co.za</A></TD></TR>
|
||||
<TR><td>imp*</TD>
|
||||
<TD>Warner Losh <A HREF="mailto:imp@FreeBSD.org">
|
||||
imp@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>jb</TD>
|
||||
<TD>Jim Bresler <A HREF="mailto:jfb11@inlink.com">
|
||||
jfb11@inlink.com</A></TD></TR>
|
||||
<TR><td>jh</TD>
|
||||
<TD>Jake Hamby <A HREF="mailto:jehamby@lightside.com">
|
||||
jehamby@lightside.com</A></TD></TR>
|
||||
<TR><td>jha</TD>
|
||||
<TD>John H. Aughey <A HREF="mailto:jha@cs.purdue.edu">
|
||||
jha@cs.purdue.edu</A></TD></TR>
|
||||
<TR><td>jk</TD>
|
||||
<TD>Jerry Kendall <A HREF="mailto:Jerry@kcis.com">
|
||||
Jerry@kcis.com</A></TD></TR>
|
||||
<TR><td>jkh*</TD>
|
||||
<TD>Jordan K. Hubbard <A HREF="mailto:jkh@FreeBSD.org">
|
||||
jkh@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>jm</TD>
|
||||
<TD>Josef Moellers <A HREF="mailto:mollers.pad@sni.de">
|
||||
mollers.pad@sni.de</A></TD></TR>
|
||||
<TR><td>jmb*</TD>
|
||||
<TD>Jonathan M. Bresler <A HREF="mailto:jmb@FreeBSD.org">
|
||||
jmb@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>joe*</TD>
|
||||
<TD>Joe Greco <A HREF="mailto:jgreco@solaria.sol.net">
|
||||
jgreco@solaria.sol.net</A></TD></TR>
|
||||
<TR><td>ka</TD>
|
||||
<TD>Kalganov Alexander <A HREF="mailto:top@bird.cris.net">
|
||||
top@bird.cris.net</A></TD></TR>
|
||||
<TR><td>ki</TD>
|
||||
<TD>Kenneth Ingham <A HREF="mailto:ingham@i-pi.com">
|
||||
ingham@i-pi.com</A></TD></TR>
|
||||
<TR><td>ky*</TD>
|
||||
<TD>Kazutaka YOKOTA <A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">
|
||||
yokota@zodiac.mech.utsunomiya-u.ac.jp</A></TD></TR>
|
||||
<TR><td>marc</TD>
|
||||
<TD>Marc Slemko <A HREF="mailto:marcs@znep.com">
|
||||
marcs@znep.com</A></TD></TR>
|
||||
<TR><td>md</TD>
|
||||
<TD>Matt Dillon <A HREF="mailto:dillon@best.net">
|
||||
dillon@best.net</A></TD></TR>
|
||||
<TR><td>mr</TD>
|
||||
<TD>Mike Romaniw <A HREF="mailto:msr@cuc.com">
|
||||
msr@cuc.com</A></TD></TR>
|
||||
<TR><td>mrvm*</TD>
|
||||
<TD>Mark Murray <A HREF="mailto:mark@grondar.za">
|
||||
mark@grondar.za</A></TD></TR>
|
||||
<TR><td>mu</TD>
|
||||
<TD>Mudge <A HREF="mailto:mudge@l0pht.com">
|
||||
mudge@l0pht.com</A></TD></TR>
|
||||
<TR><td>or*</TD>
|
||||
<TD>Ollivier Robert <A HREF="mailto:roberto@keltia.freenix.fr">
|
||||
roberto@keltia.freenix.fr</A></TD></TR>
|
||||
<TR><td>pb</TD>
|
||||
<TD>Peter Blake <A HREF="mailto:ppb@baloo.tcp.co.uk">
|
||||
ppb@baloo.tcp.co.uk</A></TD></TR>
|
||||
<TR><td>peter*</TD>
|
||||
<TD>Peter Wemm <A HREF="mailto:peter@FreeBSD.org">
|
||||
peter@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>phk*</TD>
|
||||
<TD>Poul-Henning Kamp <A HREF="mailto:phk@FreeBSD.org">
|
||||
phk@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>pst*</TD>
|
||||
<TD>Paul Traina <A HREF="mailto:pst@FreeBSD.org">
|
||||
pst@FreeBSD.org</A></TD></TR>
|
||||
<TR><td>rb</TD>
|
||||
<TD>Reinier Bezuidenhout <A HREF="mailto:rbezuide@oskar.nanoteq.co.za">
|
||||
rbezuide@oskar.nanoteq.co.za</A></TD></TR>
|
||||
<TR><td>rd</TD>
|
||||
<TD>Rajiv Dighe <A HREF="mailto:rajivd@sprynet.com">
|
||||
rajivd@sprynet.com</A></TD></TR>
|
||||
<TR><td>rel</TD>
|
||||
<TD>Roger Espel Llima <A HREF="mailto:espel@llaic.univ-bpclermont.fr">
|
||||
espel@llaic.univ-bpclermont.fr</A></TD></TR>
|
||||
<TR><td>rjk</TD>
|
||||
<TD>Richard J Kuhns <A HREF="mailto:rjk@grauel.com">
|
||||
rjk@grauel.com</A></TD></TR>
|
||||
<TR><td>rm</TD>
|
||||
<TD>Robin Melville <A HREF="mailto:robmel@nadt.org.uk">
|
||||
robmel@nadt.org.uk</A></TD></TR>
|
||||
<TR><td>rs</TD>
|
||||
<TD>Robert Sexton <A HREF="mailto:robert@kudra.com">
|
||||
robert@kudra.com</A></TD></TR>
|
||||
<TR><td>sc</TD>
|
||||
<TD>Sergei Chechetkin <A HREF="mailto:csl@whale.sunbay.crimea.ua">
|
||||
csl@whale.sunbay.crimea.ua</A></TD></TR>
|
||||
<TR><td>tao</TD>
|
||||
<TD>Brian Tao <A HREF="mailto:taob@risc.org">
|
||||
taob@risc.org</A></TD></TR>
|
||||
<TR><td>tdr</TD>
|
||||
<TD>Thomas David Rivers <A HREF="mailto:ponds!rivers@dg-rtp.dg.com">
|
||||
ponds!rivers@dg-rtp.dg.com</A></TD></TR>
|
||||
<TR><td>vk</TD>
|
||||
<TD>Vadim Kolontsov <A HREF="mailto:vadim@tversu.ac.ru">
|
||||
vadim@tversu.ac.ru</A></TD></TR>
|
||||
<TR><td>witr</TD>
|
||||
<TD>Robert Withrow <A HREF="mailto:witr@rwwa.com">
|
||||
witr@rwwa.com</A></TD></TR>
|
||||
<TR><td>xaa</TD>
|
||||
<TD>Mark Huizer <A HREF="mailto:xaa@stack.nl">
|
||||
xaa@stack.nl</A></TD></TR>
|
||||
</TABLE>
|
||||
|
||||
<h3>* = Has CVS commit privileges.</h3>
|
||||
<H3>* = Has CVS commit privileges.</H3>
|
||||
|
||||
&footer;
|
||||
</BODY>
|
||||
|
|
|
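Review bot: the regenerated key table lists `dob` with obrien@NUXI.com and no asterisk, where the single-line table it replaces had `dob*` with obrien@FreeBSD.org. Because the asterisk is the page's marker for CVS commit privileges, confirm the drop is intended and not a side effect of the roster sync. The new table also carries both `avk` (Alexander V. Kalganov, top@sonic.cris.net) and `ka` (Kalganov Alexander, top@bird.cris.net), which look like one person under two keys (the bin row uses `ka`); drop or merge the stale entry. Each key cell opens with lowercase `<td>` and closes with `</TD>`, which is harmless but worth normalising in the script.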
@ -1,5 +1,5 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
|
||||
<!ENTITY date "$Date: 1997-02-15 13:28:51 $">
|
||||
<!ENTITY date "$Date: 1997-02-19 13:49:11 $">
|
||||
<!ENTITY title "FreeBSD Security Guide">
|
||||
<!ENTITY % includes SYSTEM "includes.sgml"> %includes;
|
||||
]>
|
||||
|
@ -14,7 +14,7 @@
|
|||
|
||||
<H1>FreeBSD Security Guide</H1>
|
||||
|
||||
<em>Last Updated: $Date: 1997-02-15 13:28:51 $ </em>
|
||||
<em>Last Updated: $Date: 1997-02-19 13:49:11 $ </em>
|
||||
|
||||
<P>This guide attempts to document some of the tips and tricks used by
|
||||
many FreeBSD security experts for securing systems and writing secure
|
||||
|
@ -24,16 +24,20 @@ if and when they should happen. It also lists the various ways in which
|
|||
the systems programmer can become more security conscious and less likely
|
||||
to introduce security holes in the first place.
|
||||
|
||||
<p>We welcome your comments on the contents and correctness of this page.
|
||||
Please send email to <a href="mailto:security-officer@freebsd.org">the
|
||||
FreeBSD Security Officers</a> if you have changes you'd like to see here.
|
||||
|
||||
<H2>How to secure a FreeBSD system:</H2>
|
||||
|
||||
<UL>
|
||||
<LI>This section needs to be written.
|
||||
<LI>XXX This section needs to be written.
|
||||
</UL>
|
||||
|
||||
<H2>How to recover from a security compromise </H2>
|
||||
|
||||
<UL>
|
||||
<LI>This section also needs to be written.
|
||||
<LI>XXX This section also needs to be written.
|
||||
</UL>
|
||||
|
||||
<H2>Security Do's and Don'ts for Programmers:</H2>
|
||||
|
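Review bot: the `XXX` prefix added to the two placeholder items ("XXX This section needs to be written." and "XXX This section also needs to be written.") will be rendered to readers of the published guide. If it is meant as a searchable to-do tag, put it in an SGML comment and keep the visible text as it was. The new contact paragraph also opens with lowercase `<p>` where the paragraph above it uses `<P>`.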
@ -50,8 +54,18 @@ to introduce security holes in the first place.
|
|||
<LI><A NAME="#rule1_1"></A>strcpy() and sprintf() calls from
|
||||
unbounded data. Use strncpy() and snprintf() when the length is known
|
||||
(or implement some other form of bounds-checking when it's not).
|
||||
In fact, never use gets(3) or sprintf(3), period.
|
||||
|
||||
<P><LI><A NAME="#rule1_2"></A>Watch for strvis() and getenv() abuse.
|
||||
<P><LI><A NAME="#rule1_2"></A>Watch for strvis(3) and getenv(3) abuse.
|
||||
strvis() is easy to get the destination string wrong for, and getenv()
|
||||
can return strings much longer than the user might expect - they are
|
||||
one of the key ways an attack is often made on a program, causing it
|
||||
to overwrite stack or variables by setting its environment variables
|
||||
to unexpected values. If your program reads environment variables,
|
||||
be paranoid!
|
||||
|
||||
<P><LI>Every time you see an open(2) or stat(2) call, ask yourself, "What
|
||||
if it's a symbolic link?"
|
||||
|
||||
<P><LI><A NAME="#rule1_3"></A>All uses of mktemp(), tempnam(), mkstemp(),
|
||||
etc.; make sure that they use mkstemp() instead. Also look for races in
|
||||
|
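Review bot: the sentence added to the first rule, "never use gets(3) or sprintf(3), period", sits right after advice to use strncpy() that does not say strncpy() leaves the destination unterminated when the source is as long as or longer than the bound. Add that the caller must write the terminating NUL itself, otherwise an auditor converting strcpy() calls trades one bug for another. In the strvis(3) text, state the requirement instead of "easy to get the destination string wrong for": the destination needs four bytes per source byte plus one for the NUL. The new open(2)/stat(2) item also has no `<A NAME>` anchor, unlike the rules around it.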
@ -61,6 +75,9 @@ to introduce security holes in the first place.
|
|||
<LI>Creating a directory. This will either succeed or fail.
|
||||
<LI>Opening a file O_CREAT | O_EXCL
|
||||
</UL>
|
||||
mkstemp(3) properly handles this for you, so all temp files should
|
||||
use mkstemp to guarantee there's no race and that the permissions
|
||||
are right.
|
||||
|
||||
<P><LI><A NAME="#rule1_4"></A>If an attacker can force packets to go/come
|
||||
from another arbitrary system then that hacker has complete control
|
||||
|
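Review bot: the added mkstemp(3) paragraph promises "there's no race", which holds only while the program keeps using the descriptor mkstemp() returns; code that closes it and reopens the file by name is racing again. Say so explicitly in the paragraph, and note that mkstemp() covers only the file case, not the "Creating a directory" operation listed just above it.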
@ -144,6 +161,32 @@ to introduce security holes in the first place.
|
|||
|
||||
<P><LI><A NAME="#rule6"></A>Pay special attention to realloc() usage - more
|
||||
often than not, it's not done correctly.
|
||||
|
||||
<P><LI>When using fixed-size buffers, use sizeof() to prevent lossage when
|
||||
a buffer size is changed but the code which uses it isn't. For example:
|
||||
<LISTING>
|
||||
char buf[1024];
|
||||
struct foo { ... };
|
||||
...
|
||||
BAD:
|
||||
xxx(buf, 1024)
|
||||
xxx(yyy, sizeof(struct foo))
|
||||
GOOD:
|
||||
xxx(buf, sizeof(buf))
|
||||
xxx(yyy, sizeof(yyy))
|
||||
</LISTING>
|
||||
|
||||
<P><LI>Every time you see "char foo[###]", check every usage of foo to
|
||||
make sure it can't be overflowed. If you can't avoid overflow
|
||||
(and cases of this have been seen) then at least malloc the buffer
|
||||
so you can't walk on the stack.
|
||||
|
||||
<P><LI>Always close file descriptors as soon as you can -- this makes it
|
||||
more likely that the stdio buffer contents will be discarded. In
|
||||
library routines, always set any file descriptors that you open to
|
||||
close-on-exec.
|
||||
|
||||
<P>
|
||||
</UL>
|
||||
|
||||
&footer;
|
||||
|
|
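Review bot: in the LISTING, the GOOD line `xxx(yyy, sizeof(yyy))` is only right if yyy is declared as a `struct foo` object; the example never declares it, and if yyy is a pointer then sizeof(yyy) is the size of the pointer, not of the structure. Declare `struct foo yyy;` in the example or write `sizeof(*yyy)` for the pointer case, and add that `sizeof(buf)` likewise stops giving the buffer size once buf has been passed to a function as a `char *`. In the following item, moving an overflowable buffer to malloc() keeps it off the stack but the overflow then corrupts the heap, so word it as a last resort and not as a fix.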