Hacker Newsnew | comments | show | ask | jobs | submit login

In 2006 one of my teachers, Mr Etiemble, told us about a paper he's participated in to illustrate that no matter how good the security models can be at each level of abstraction, it only needs one piece of code that uses a vertical design to make the overall layers of security models worthless…

http://scholar.google.fr/citations?view_op=view_citation&hl=...

N.B.: That article is really worth a read!

And then, as one could have expected at the time, TdR had a really strong reaction on the matter (can't find the e-mail for reference), saying that OpenBSD is anyway secure, except if you want to have "modern accelerated graphics" (or something less subjective, that's iirc)…

…and here we are eight years later, to finally have the OpenBSD guys show off they've done it. I don't know if that should bug me they needed 8 years to patch that bug that was not really one (as per Theo) or if I should be amazed by the work done to secure that incredible mess that is Xorg :-)

cheers and gg, guys!




Guidelines | FAQ | Support | API | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: