Re: Is FreeBSD insecure?
- In reply to: Greg 'groggy' Lehey : "Re: Is FreeBSD insecure?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 29 Apr 2025 12:57:07 UTC
Expletive filtering would have been nice right about now...
S/Dudley
On Tuesday, April 29, 2025 at 08:35:54 AM GMT+9, Greg 'groggy' Lehey <grog@freebsd.org> wrote:
On Monday, 28 April 2025 at 17:38:28 +0200, Dag-Erling Smørgrav wrote:
> [op not cc:ed because they're obviously a troll]
>
> Greg 'groggy' Lehey <grog@freebsd.org> writes:
>> Security is an important issue nowadays, and no operating system is
>> perfect. The FreeBSD project does everything possible to maintain its
>> good reputation, though so far I haven't seen anything that indicates
>> that the breach was the result of a FreeBSD bug. Was it maybe a third
>> party application, or incorrect configuration?
>
> It was allegedly an RCE in a long-unsupported version of
> Ghostscript, so not FreeBSD's fault at all.
Yes, I've since heard that too. See
https://www.theregister.com/2025/04/15/4chan_breached/, though it only
mentions out-of-date PHP and MySQL. That would have happened with any
operating system. But it's good to bring these details out into the
open.
Greg
--
When replying to this message, please copy the original recipients.
If you don't, I may ignore the reply or reply to the original recipients.
For more information, see http://www.lemis.com/questions.html
Sent from my desktop computer.
See complete headers for address and phone numbers.
This message is digitally signed. If your Microsoft mail program
reports problems, please read http://lemis.com/broken-MUA.php