This is from NewsForge: Understanding NetBSD 2.0's new technology http://www.newsforge.com/article.pl?sid=04/12/22/1954233
A complete list of the changes and new features in NetBSD 2.0 can be found in the "changes" guide, but here are the highlights:

* Native thread support has been added, based on scheduler activations. Applications which support native threads can now take full advantage of the high-performance NetBSD POSIX threads implementation.
* Kernel events notification framework: kqueue provides a stateful and efficient event notification framework. Currently supported events include socket, file, directory, fifo, pipe, tty and device changes, and monitoring of processes and signals. kqueue is supported by all writable file systems in the NetBSD tree (with the exception of Coda) and all device drivers supporting poll().
* Improvements have been made to NetBSD's Linux emulation to support the latest Sun JDK/JRE for Linux. Testing has shown that it now runs as well as it does on Linux natively.
* NetBSD 2.0 enforces non-executable mappings on many platforms. This means that the process stack and heap mappings are non-executable by default, making exploitation of potential buffer overflows harder. NetBSD 2.0 supports PROT_EXEC permission via mmap() for all platforms where the hardware differentiates execute access from data access, though not necessarily with single-page granularity. When the hardware has a larger granularity, the rule is that if any page in the larger unit is executable, then the entire larger unit is executable, otherwise the entire larger unit is not executable.
* The i386 port now supports SMP and has a new ACPI and power management framework which takes advantage of Intel's ACPI implementation.
* FreeBSD's UFS2 has been ported to NetBSD. UFS2 is an extension to FFS, adding 64-bit block pointers and support for extended file storage. Among other enhancements, UFS2 allows for file systems larger than 1 terabyte.
* The systrace framework has been added to the system. systrace monitors and controls an application's access to the system by enforcing access policies for system calls. The systrace utility might be used to trace an untrusted application's access to the system. In addition, it can be used to protect the system from software bugs (such as buffer overflows) by constraining a daemon's access to the system. The privilege elevation feature of systrace can be used to obviate the need to run large, untrusted programs as root when only one or two system calls require the elevated privilege.
* Verified Exec support has been added in this release. Verified Exec verifies a cryptographic hash before allowing execution of binaries and scripts. This can be used to prevent a system from running binaries or scripts which have been illegally modified or installed. In addition, Verified Exec can also be used to limit the use of script interpreters to authorized scripts only and disallow interactive use.

________________________________________________________________

From the NetBSD advocacy list:

Dispelling NetBSD myths.
------------------------

It is almost geek folklore that the various 4.4BSD derived operating systems, FreeBSD, NetBSD, OpenBSD and DragonflyBSD, are at continuous war with each other, that their development is split and that they each work solely on a single pillar. FreeBSD addresses performance, NetBSD portability and OpenBSD security. DragonflyBSD has yet to find a base pillar to build the hype upon.

This document is about dispelling the myth of NetBSD. We wish to address the portability myth and show that NetBSD first and foremost is a UNIX operating system capable of fulfilling many tasks, including desktop systems, servers, embedded devices, firewalls and routers.

Fact is that NetBSD is portable. Currently the port count exceeds 50. To most users, running the i386 port, this would seem to be a mere curiosity, but as we shall see, this guiding principle leads to a very flexible system.

What makes the myth is the fact that NetBSD uses portability as a philosophy for creating a UNIX-like operating system. First of all, if the same machine-independent code gets to run on different architectures, more bugs are weeded out. This is because different ports use the system differently and thus the critical parts of the kernel get exercised in different ways. The net result is increased stability, something most users would want.

Also, the many ports guide the principle of clean code and simplicity. The system has to be composed in a modularised way such that the many architectures can utilize each part optimally. This gives readability to the source code.

Now the ball is rolling. Given a clean, stable and readable base, one can quickly change the base, tuning it for performance. This is indeed what happens in NetBSD. In 2003, Felix von Leitner did a scalability test of various free UNIX systems. NetBSD-current was amongst the contenders and did perform quite well, but had regressions with some tests, which exhibited O(n) behaviours. In 14 days' time, the NetBSD developers were able to push many of these O(n) behaviours to O(1) behaviours. The reason this could be done so fast is a testament to the principle of clean, readable code.

Security is also helped by clean, readable code. Programmers make fewer errors and so, there are fewer opportunities for a security hole to sneak in. NetBSD also supports various proactive approaches to security: non-executable stack and heap, sandboxing of processes with fine granularity for which system calls the process is allowed to make (systrace), cryptographic disks (cgd), RAID functionality (RAIDFrame) and protection against file trojaning (veriexec) to name a few.

_______________________________________________
CWE-LUG mailing list
http://www.cwelug.org/
CWE-LUG@lists.firepipe.net
http://lists.firepipe.net/listinfo/cwe-lug
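
The granularity rule quoted in the NetBSD 2.0 highlights above (any executable page makes its whole protection unit executable) can be modelled to see how many writable pages lose their non-executable protection. This C sketch is an added example, not NetBSD code; the mapping layout and the 64 KiB and 256 KiB unit sizes are constructed for illustration and are not tied to any particular port.

```c
#include <stdio.h>

#define PAGE 4096UL

struct mapping { const char *name; unsigned long start, len; int writable, exec; };

/* Constructed sample layout (not from a real process); exec = PROT_EXEC requested. */
static const struct mapping layout[] = {
    { "text",  0x10000UL, 2 * PAGE, 0, 1 },
    { "data",  0x12000UL, 3 * PAGE, 1, 0 },
    { "heap",  0x20000UL, 4 * PAGE, 1, 0 },
    { "stack", 0x7f000UL, 1 * PAGE, 1, 0 },
};
#define LAYOUT_N (sizeof layout / sizeof layout[0])

/* Does any PROT_EXEC mapping overlap the unit [ustart, ustart + unit)? */
static int unit_has_exec(const struct mapping *m, size_t n,
                         unsigned long ustart, unsigned long unit)
{
    for (size_t i = 0; i < n; i++)
        if (m[i].exec && m[i].start < ustart + unit &&
            m[i].start + m[i].len > ustart)
            return 1;
    return 0;
}

/* Count writable pages requested non-executable that end up executable
 * because they share a protection unit with an executable page. */
unsigned long exposed_pages(const struct mapping *m, size_t n, unsigned long unit)
{
    unsigned long count = 0;
    for (size_t i = 0; i < n; i++) {
        if (m[i].exec || !m[i].writable)
            continue;
        for (unsigned long p = m[i].start; p < m[i].start + m[i].len; p += PAGE)
            if (unit_has_exec(m, n, p - p % unit, unit))
                count++;
    }
    return count;
}

int main(void)
{
    unsigned long units[] = { PAGE, 0x10000UL, 0x40000UL };
    for (size_t i = 0; i < 3; i++)
        printf("unit %#lx: %lu writable pages executable\n",
               units[i], exposed_pages(layout, LAYOUT_N, units[i]));
    return 0;
}
```

With per-page granularity nothing writable is executable; at coarser units the data segment, and then the heap, fall into the same unit as the text segment and become executable despite the request.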