Remix.run Logo
uticus 3 hours ago

> Only two remote holes in the default install, in a heck of a long time!

https://www.openbsd.org/

https://en.wikipedia.org/wiki/OpenBSD#Security_record

anonym29 3 hours ago | parent [-]

LPE (to root) is serious, but it's not a remote hole.

ptx 33 minutes ago | parent [-]

Is this functionality accessible from sandboxed processes? That would make a remote hole much more dangerous when one is found, anyway. The CVE seems to concern SysV semaphores and the pledge(2) man page doesn't seem to mention those.

brynet 12 minutes ago | parent [-]

No.

https://github.com/openbsd/src/blob/d5b0ed23b6fe61f0278c37a4...