[OpenWrt-Devel] Did they check security of OpenWrt?

Alberto Bursi bobafetthotmail at gmail.com
Tue Aug 20 19:29:46 EDT 2019


On 21/08/19 00:24, Rich Brown wrote:
>
>> On Aug 20, 2019, at 5:32 PM, Rosen Penev <rosenp at gmail.com 
>> <mailto:rosenp at gmail.com>> wrote:
>> ... Issues are more nuanced than this though. These same people
>> several months ago mentioned a serious ASLR weakness with MIPS.
>> Patches went in the kernel for it.
>
> Does this mean that snapshot builds (with current kernels) now protect 
> against that MIPS vulnerability? What about the stable builds?
>
ASLR is not enabled on OpenWrt (as I said in a mail a few seconds ago) 
so any vulnerability in ASLR is irrelevant.


>
>
> What statements/assertions can we make about whether these are used to 
> create release or snapshot builds? Thanks to all who can contribute info.
>
>

In my other message I pointed to the source of the build system with the 
default options for various stuff.

The same hardening options are used for both release and snapshot 
releases afaik.

They differ only in default package selection (and on source version 
used of course)

-Alberto

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20190821/fefa4c50/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list