[GTALUG] interesting article on FreeBSD kernel almost getting dangerous code
William Park
opengeometry at yahoo.ca
Sun Mar 28 16:39:05 EDT 2021
Solution: pay the testers and programmers.
On 3/28/21 2:47 PM, D. Hugh Redelmeier via talk wrote:
> <https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/>
>
> Summary: a WireGuard port to FreeBSD was sponsored by Northgate (pfSense
> company). The port was of poor quality and dangerously so. Nobody caught
> it until after pfSense was released with it, and just before FreeBSD
> released it. The messenger was tortured, but not shot.
>
> Bonus: the guy who ported the code was a felon / bad landlord.
>
> Lesson: open source software does not get enough quality control.
> Especially code that might affect security. Some Linux distros attempt QC
> (e.g. RedHat) but I'm sure it is inadequate.