  • One year ago, today.

    World runbsd bsdcan freebsd openbsd netbsd
    3
    0 Votes
    3 Posts
    0 Views
    stefano@mastodon.bsd.cafe
    @DianeBruce thank you!
  • 0 Votes
    1 Posts
    0 Views
    pitrh@mastodon.social
    syslogd(8) privileged and non-privileged parts now separate binaries https://www.undeadly.org/cgi?action=article;sid=20260612080210 #openbsd #syslogd #privsep #privelegeseparation #separation #security #logging #development
  • Hey #OpenBSD users.

    World openbsd
    1
    0 Votes
    1 Posts
    0 Views
    izder456@fe.disroot.org
    Hey #OpenBSD users. I have slowly been working on this now-sprawling hotplugd(8) attach script but I'm not a fan of how messy and complex it has gotten. Any tips to clean it up and make it more modular? I don't like the usbdevs hack, it feels uncomfortable to me for some reason. How do your hotplugd(8) scripts look?

        /etc/hotplug $ bat -l sh -pp attach
        #!/bin/ksh

        DEVCLASS=$1
        DEVICE=$2

        [ "$DEVCLASS" -eq 0 ] || exit 0

        case "$DEVICE" in
        ugen*)
            # printer for CUPS
            if usbdevs -v | grep -q '03f0:dd11'; then
                ugen=$(usbdevs -v | awk '
                    /03f0:dd11/ { found=1 }
                    found && /driver: ugen[0-9]+/ {
                        sub(/^[[:space:]]*driver: /, "")
                        print
                        exit
                    }
                ')
                [ "$DEVICE" = "$ugen" ] || exit 0
                usbctl=$(usbdevs -v | awk -v dev="$ugen" '
                    /^Controller \/dev\/usb[0-9]+:/ {
                        ctl=$2
                        sub(":", "", ctl)
                    }
                    $0 ~ ("driver: " dev "$") {
                        print ctl
                        exit
                    }
                ')
                logger -t hotplug "Printer attached"
                if [ -n "$usbctl" ]; then
                    chown _cups:_saned /dev/${ugen}.* "$usbctl"
                    chmod 660 /dev/${ugen}.* "$usbctl"
                fi
            # usb midi keyboard setup for LMMS
            elif usbdevs -v | grep -q '28e9:0001'; then
                logger -t hotplug "USB Midi Keyboard Attached"
                ( midicat -q midi/0 -q midithru/0 ) &
            fi
            ;;
        uvideo*)
            # usb webcam setup for video calls
            logger -t hotplug "USB Webcam attached"
            chown nobody:nobody /dev/video*
            chmod 0777 /dev/video*
            ;;
        esac
  • 0 Votes
    1 Posts
    0 Views
    r1w1s1@snac.bsd.cafe
    Just read a great write-up by @miodvallat@hostux.social on the 2002 OpenSSH trojan incident. It's a fantastic look at early incident response, code auditing, and how OpenBSD handled one of the first major software supply-chain attacks. Definitely worth a read: http://miod.online.fr/software/openbsd/stories/trojan.html #openbsd #openssh #security
  • [Kirill's journal]

    OpenBSD openbsd qemu
    1
    2 Votes
    1 Posts
    18 Views
    CiotBSD
    ⇒ OpenBSD under QEMU
    Architecture specific notes for OpenBSD guests under QEMU, with working command lines where installation succeeds and failure points where it does not.
    https://kirill.korins.ky/articles/openbsd-under-qemu/
  • [Dr Brian R. Callahan]

    OpenBSD openbsd antirop
    1
    1 Votes
    1 Posts
    28 Views
    CiotBSD
    (06/10) ⇒ A Final Return for OpenBSD Anti-Return-Oriented Programming Mitigations

    Return-Oriented Programming (ROP) continues to be a serious attack taking advantage of flaws in memory unsafe languages, particularly buffer overflows, to launch arbitrary code execution attacks by chaining together pieces of already existing code in loaded binaries and shared libraries, called gadgets. With the continued reliance on x86_64 CPUs in cloud and personal servers, mitigations that can meaningfully reduce the success of ROP attacks without significant overhead continue to be attractive. We propose the porting of one such software-based anti-ROP mitigation proposed by OpenBSD: compile-time instruction rewriting to avoid opportunities for ROP exploitation. We bring this mitigation, originally developed for the custom OpenBSD implementation of the LLVM compiler suite, to GCC by way of a standalone utility that sits in between the compiler and the assembler and rewrites potential gadget instructions before assembly into object code. Our utility provides a minimal reduction in gadgets with some penalties in binary sizes and performance impacts. We compare our GCC-ported standalone utility to the original OpenBSD LLVM mitigation and discovered that our standalone utility is weaker compared to the original LLVM-based mitigation. However, due to the overall weak reduction in gadgets for both the LLVM-based and GCC-based implementations, we conclude that seemingly obvious mitigations may prove to be anything but, and caution providing security improvements without significant testing and evaluation.

    https://www.researchgate.net/publication/405728967_A_Final_Return_for_OpenBSD_Anti-Return-Oriented_Programming_Mitigations
    ping: https://bsd.network/@bcallah/116725877009964245

    It seems to be my 200th post here…
  • 0 Votes
    1 Posts
    0 Views
    bcallah@bsd.network
    By the way, our first two publications on evaluating #OpenBSD mitigations are out. Both of these papers evaluate some amd64 anti-ROP mitigations: specifically changing the register selection order and semantically equivalent rewriting of instructions that may produce a potential polymorphic gadget instruction. This tracks a paper by mortimer@ back in 2019 at AsiaBSDCon.

    The TL;DR is "OpenBSD can shrink binaries a little and gain a little performance without any security loss simply by reverting these mitigations." The mitigations did not hold up to independent evaluation.

    The first paper did an exact 1:1 port of these mitigations to FreeBSD and found that register reallocation eliminates only about 0.3% of unique gadgets, for a 0.5% increase in binary size (mortimer@ claimed 6% reduction and "entirely free"). It is useless at best but more likely actively detrimental, as it produces a false sense of security. It also found the instruction rewriting reduces unique gadgets by about 3.5% with a binary size increase of about 1.8% (mortimer@ claimed 5% reduction with 0.15% binary size increase).

    We then did a separate implementation of the instruction rewriting mitigation to GCC in the second paper. Our GCC implementation does the older <xchg; op; xchg> dance, as that's what mortimer@'s paper described. This is way worse; producing about a 3% performance hit for no security benefit at all.

    The only part of both mitigations worth saving is for basic arithmetic, OpenBSD LLVM now takes advantage of the fact that basic arithmetic has two forms. For example, the newer instruction rewriting mitigation turns

        addq %rax, %rbx (48 01 c3)

    into

        {load} addq %rax, %rbx (48 03 d8)

    The new instruction rewriting mitigation is genuinely free in terms of binary size and execution speed, but doesn't move the security needle, so this one can stay as it is harmless. Other rewritings still have the flaw of increasing binary size and reducing performance for no security benefit.

    Anyhow feel free to read the papers:
    https://ieeexplore.ieee.org/abstract/document/11458911
    https://www.researchgate.net/publication/405728967_A_Final_Return_for_OpenBSD_Anti-Return-Oriented_Programming_Mitigations

    #BSD #FreeBSD #NetBSD #DragonFlyBSD #Linux #Unix #security #cybersecurity
  • I am looking for small computo, requirements are:

    World openbsd netbsd
    25
    0 Votes
    25 Posts
    0 Views
    bpl@snac.bsd.cafe
    Pomera is meant only for writing, not to be multi-purpose PC, also installing OpenBSD might turn Pomera into paperweight. Anyhow, thank you! The prize is yours! Absolutely new cirrus cloud, to be picked up directly from your sky!
  • 0 Votes
    1 Posts
    0 Views
    miodvallat@hostux.social
    Here is your last #OpenBSD story before the summer break: that one time OpenSSH was used in a supply-chain attack, before that expression was even coined. http://miod.online.fr/software/openbsd/stories/trojan.html
  • 0 Votes
    3 Posts
    0 Views
    goldfish@mastodon.bsd.cafe
    @mike_k I set the time and tried again. Still no luck. I've never had this issue on other devices. I also didn't have this issue on my last arm64 RPi install... the only difference in that one was that I installed the sets from http.
  • 0 Votes
    3 Posts
    0 Views
    mjack@mastodon.bsd.cafe
    @fionescu Thanks, learned something new! https://en.wikipedia.org/wiki/XNU
  • 0 Votes
    4 Posts
    0 Views
    radhitya@navi.lain.day
    @goldfish
  • 0 Votes
    3 Posts
    0 Views
    joany@mastodon.bsd.cafe
    @Tionisla @orbite Looks good
  • 0 Votes
    1 Posts
    0 Views
    pitrh@mastodon.social
    Do you want to come to Brussels, mingle with BSD people, perhaps do a talk, a tutorial or a BOF session? The Call for papers https://2026.eurobsdcon.org/cfp/ is open until June 20th, for the conference in Brussels September 9-13, 2026. We also offer pre-submission guidance/mentoring, see within. Wonder what BSD and the conferences are about? See https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html @EuroBSDCon #freebsd #netbsd #openbsd #freesoftware #libresoftware #brussels #bruxelles
  • 0 Votes
    1 Posts
    0 Views
    eurobsdcon@bsd.network
    Hotel Discount Expires

    The block booking for the hotel is expiring soon! https://2026.eurobsdcon.org/accomodation.html

    If you were planning to book your hotel early now is your chance! https://www.warwickhotels.com/hotel-barsey-by-warwick/book/dates-of-stay?domain=2026.eurobsdcon.org&groupID=4846572

    Hotel Barsey by Warwick
    Louizalaan 381-383, 1050 Brussel
    Located near the Flagey area, known for its restaurants and bars.

    #RUNBSD #FreeBSD #NetBSD #OpenBSD #EuroBSDCon #EuroBSDCon2026 #BSD
  • 0 Votes
    1 Posts
    0 Views
    gumnos@mastodon.bsd.cafe
    TIL that #OpenBSD's #pf doesn't whinge about using variables in CIDR notation:

        wan_if="ixv0"
        dmz_if="ixv1"
        dmz_cidr="24"
        pass in on $wan_if to ($dmz_if:network)/$dmz_cidr

    I haven't tested to see if it does what I *intended*, but at least

        $ pfctl -nvf test.pf

    doesn't spew errors… (even if it feels kinda dirty)
  • 0 Votes
    1 Posts
    0 Views
    bpl@snac.bsd.cafe
    Remember, sending even 5 monies helps.
    #OpenBSD: Direct donations, Official merch
    #NetBSD: Direct donations, Merch
    #somafm: Direct donations, Merch
    #unix_surrealism: Direct donations, Merch
  • 0 Votes
    5 Posts
    0 Views
    stefano@mastodon.bsd.cafe
    @justine great, thank you!
  • Happy pufferfish #openbsd

    World openbsd
    1
    1
    0 Votes
    1 Posts
    0 Views
    lobocode@hachyderm.io
    Happy pufferfish #openbsd
  • Isn't it time for yet another old #OpenBSD story?

    World openbsd
    1
    0 Votes
    1 Posts
    0 Views
    miodvallat@hostux.social
    Isn't it time for yet another old #OpenBSD story? Yes it is! Today, we'll see how a specificity of the HP 9000/300 series workstations still survives in most BSD flavours these days, even those which do not support these systems anymore. http://miod.online.fr/software/openbsd/stories/topcat.html