DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
May 13, 2008
25 year old BSD bug found and fixed
BSD's variants include OpenBSD, FreeBSD and NetBSD, and it forms the basis of Apple's Mac OS X operating system. All BSD derivatives were found to contain the bug, according to Marc Balmer, a Swiss developer closely involved with OpenBSD.
"Much to my surprise, I not only found this problem in all other BSDs or BSD-derived systems, like Mac OS X, but also in very old BSD versions," Balmer wrote in a Web site post on the issue. "The bug has been around for roughly 25 years or more."
The discovery of the bug sheds light on the process of maintaining and developing open-source software, which is handled by distributed developers rather than centralised teams, as is usual in the case of proprietary software.
Balmer said he was alerted to the problem by an OpenBSD user who found that Samba, an open source networking protocol, would crash when serving files from a filesystem using Microsoft Disk Operating System (MS-DOS) formatting.
He found that the problem was not with Samba but with OpenBSD itself, and that the bug was known to Samba developers. "Samba... uses a workaround, or replacement code, to access directories on the BSDs, since the directory reading code in all BSDs was flawed," Balmer wrote.
The problem was with the *dir() group of commands, such as telldir() and seekdir(), used to handle, open, read and interpret directories, according to Balmer.
After lengthy experimentation, he found that, if directory entries are deleted at a certain stage, the telldir() command returns errors and can crash programs. "This code will not work as expected when seeking to the second entry of a block where the first has been deleted," Balmer wrote.
He cited an e-mail from Kirk McKusick, the author of the original *dir() library, indicating that the bug may have been in the library from its initial version.
The long delay in fixing the problem is probably due to the fact that it does not surface often and that other programs, such as Samba, have created workarounds, according to Balmer.
After the long discovery time, the fix itself was "surprisingly simple", Balmer wrote, and will now be incorporated into OpenBSD and other operating systems using the same code.
"Sorry that it took us almost 25 years to fix it," Balmer wrote.
The OpenBSD project released version 4.3 earlier this month, featuring a large number of new drivers, software packages and bug fixes.
Source: ZDNet Australia
All news for July, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
