Trace the Route <trace.the.ro...@protonmail.com> wrote:
> Is it possible to include a newer version of mrouted in the base
> installation of OpenBSD? The existing version of mrouted (v3.8) is
> obviously quite old and lacks functionality found in newer versions.
>
> For example, the existing version of mrouted is not able to bind to
> both ends of a pair(4) interface, whereas the latest version (v4.4)
> has no issue with this.

I haven't heard of anyone using mrouted in a very long time. This is an imported daemon which has almost no maintenance or security work. No chroot, no pledge, no unveil -- I see no evidence of any privsep at all! I also don't see any serious audit/review in the commit logs. Unfortunately I suspect new code would be similarly weak. Let me guess, upstream calls srandom()...