View Single Post
  #3   (View Single Post)  
Old 26th May 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by bettyblue View Post
Can anyone explain me this features...
Welcome.

The OpenBSD project is small. The target audience for the operating system is the project developers themselves. They just happen to make all source code open to anyone to do as they please (as long as copyright notices are preserved). The project does not have an extensive support structure in place, so users of the operating system are expected to be able to find their own answers. While many may interpret this to mean that Google is the solution to all problems, it is not. Having knowledge of what documentation the project makes available, & taking the time to study it in earnest marks successful users. As someone new to OpenBSD, you should study the project's official FAQ & official mailing list archives for answers to your questions. Understanding OpenBSD means understanding its culture. All conversation on technical matters quickly turn to the most authoritative source held by the project -- its manpages.

As noted earlier, your questions are very open-ended. Given that this is your first message at this site, we do not know what is your background or understanding to the Unix world & way of thinking. Consequently, I will give short answers to most of your questions. This may or may not be sufficient for you needs. You are invited to respond with more specific questions, but be forewarned that you should do your homework first. Study the information provided. Read through the FAQ. Doing anything less is short-changing yourself & your troubleshooting abilities. You are also invited to read the following thread which gives information on how to ask effective questions:

http://www.daemonforums.org/showthread.php?t=596

Quote:
# strlcpy() and strlcat()
Study the manpages -- strlcpy(3) & strlcat(3).
Quote:
# Chroot jailing
OpenBSD does not support jails in the FreeBSD sense. The extent of chroot can be found by studying the manpage -- chroot(8).
Quote:
* .rodata segment
This is a segment defined at the assembly language level containing read-only information. For more information, look at the general article found at Wikipedia:

http://en.wikipedia.org/wiki/Data_segment
Quote:
# Memory protection purify

* W^X
* Guard pages
* Randomized malloc()
* Randomized mmap()
* atexit() and stdio protection

# Privilege separation
# Privilege revocation
# New uids
# ProPolice
The project's leader, Theo de Raadt, gave a talk in 2004 which covers most of these items. The slides are available, & you should take the time to study them:

http://www.openbsd.org/papers/auug04/index.html

Again, follow-up questions are encouraged, but you will be doing yourself a favor by taking the time to study the information provided first.
Reply With Quote