Shows
BSD Now330: Happy Holidays, All(an)Authentication Vulnerabilities in OpenBSD, NetBSD 9.0 RC1 is available, Running FreeNAS on a DigitalOcean droplet, NomadBSD 1.3 is here, at e2k19 nobody can hear you scream, and more.
Headlines
Authentication vulnerabilities in OpenBSD
We discovered an authentication-bypass vulnerability in OpenBSD's authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd, but its real-world impact should be studied on a case-by-case basis. For example, sshd is not exploitable thanks to its defense-in-depth mechanisms.
From the manual page of login.conf:
OpenBSD uses BSD Authentication, which is made up of a variety of authentication...2019-12-261h 15BSD Now39: The Friendly SandboxThis time on the show we'll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
BSDCan 2014 talks and reports
The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links
Karl Lehenbauer's keynote...2014-05-281h 02