-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Randall Craig wrote: > On Thu, 2 Dec 2004 10:58:02 -0600, Randall Craig <[EMAIL PROTECTED]> wrote: > Ok I am super duper new to this list and also new to *nix... i will > never go back to M$ ceptin for gaming purposes... I am running on OS > X.3.3 and was wanting to know if the Security Alert pertaining to > FreeBSD would also affect my system. I know that BSD is running > underneath OS X... I am fairly sure that Apple is aware of it by > now-. > thnx
No. When people comment that OSX runs on BSD, they don't mean that OSX actually runs a FreeBSD kernel. It does not (it runs XNU, based on Mach but incorporating BSD code). Read [http://www.kernelthread.com/mac/osx/arch_xnu.html] for more information. Specifically regarding this vulnerability, MacOSX does not have procfs (/proc on systems that have it), so it's hard to imagine that it is subject to this vulnerability. On a side-note, Apple is pretty tightlipped about vulnerabilities (much the way Microsoft used to be, though they *seem* to be learning their lesson, from what I've heard). Apple should follow the lead set by other vendors and recognize that once a vulnerability is public, the responsible path is to acklowedge and publish workarounds or fixes, not deny the problem until a final solution is available. Dan - -- Dan "KrispyKringle" Margolis Security Coordinator/Audit Project, Gentoo Linux -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iQEVAwUBQa+H+rDO2aFJ9pv2AQJbyQf8DcnBTOQdpqfZSRPIAaW/g/FE+/YYJFAG AqHovG9SJ9JGVmzLW+3fFWXSqevzaxmIkaj/WzSDxDFb9MD4H9jwGdFD7AXyHTFS go5c0t8r7auNrwhwxJiiJyyH3Y3rBAJQqJyRNFlRt7qL8rCG2Hzo1u1Yvrm6tcHG KxJ2XU3EqavBghT9iQXVTcOTf66e6MzTrOI0c/xffcvjAu2XTyXXNnsj0wloTv04 JqdenT/SfLe0LowY6cpT2p1W0r/x5UkU2jlaTxkvmNvDbKsuvhMBX5CRw9QZv/pj v72fjnpIoMPQ+WM6ykk06b6T5c0+tAXV0IGoRoddLibZsJM+bBbdSQ== =RjMr -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
