This was posted in the News subforum earlier today:
http://daemonforums.org/showthread.php?t=10005
But, as your question is OpenBSD-specific, please note that a discussion thread has begun on the misc@ mailing list:
http://marc.info/?t=147695300800002&r=1&w=2
Peter Hansteen, author of The Book of PF, noted in his reply to that thread (highlight mine):
Quote:
The paper has no(!) references to OpenBSD, they never show any actual code, and it appears that this is a local exploit that seems to require that the victim and spy processes share the same virtual address space, meaning that ASLR isn't actually enabled.
|