FreeBSD and Google Summer of Code 2009

Google is now hosting the Google Summer of Code for the 5th year running, and FreeBSD has been selected again as eligible for the mentoring organisation.

If you or any other student is interested in contributing to the development of FreeBSD and get paid for doing so, have a look at the FreeBSD Summer of Code 2009 page. You can find here general information, info on past projects, sample project ideas, guidelines etc etc.

Key dates to note:

 

  • March 23 - Student application period opens
  • April 3 - Student application deadline.
  • April 15 – The End of applications
  • April 20 - ccepted student proposals announced on the Google Summer of Code 2009 site
  • May 23 – Project officially began
  • July 6 - Mentors and students can begin submitting mid-term evaluations
  • July 13 - Mid-term evaluations deadline
  • August 10 – Suggested ‘pencils down’ date. Take a week to scrub code, write tests, improve documentation, etc.
  • August 17 - Firm ‘pencils down’ date. Mentors, students and organization administrators can begin submitting final evaluations to Google
  • August 24 – final assessment deadline
  • August 25 - Final results of GSoC 2009 announced
  • September 3 - Students can begin submitting required code samples to Google

FreeBSD and Google’s Summer of Code (GSoC)

The FreeBSD Project is pleased that Google has once again invited the FreeBSD Project to participate in their Summer of Code program, which pays student developers to work on Open Source projects.

Over the last four years, over 70 Summer of Code projects have generated improvements to almost every part of FreeBSD; many of the students have gone on to become permanent members of FreeBSD’s international development team.

Students interested in working with the FreeBSD Project should start preparing now by visiting the Google Summer of Code website and the FreeBSD Summer of Code site and discussing their ideas on one of the FreeBSD public mailing lists or on the #freebsd-soc IRC channel on EFNet. P.S. Please pass along this post or one of these posters to anyone who might be interested.

Source: FreeBSD Announce Mailinglist

FreeBSD Security Advisory (ktimer)

The FreeBSD Security Team has issued the following security warning:

FreeBSD-SA-09:06.ktimer – Local privilege escalation

I. Background

In FreeBSD 7.0, support was introduced for per-process timers as defined in the POSIX realtime extensions. This allows a process to have a limited number of timers running at once, with various actions taken when each timer reaches zero.

II. Problem Description

An integer which specifies which timer a process wishes to operate upon is not properly bounds-checked.

III. Impact

An unprivileged process can overwrite an arbitrary location in kernel memory. This could be used to change the user ID of the process (in order to “become root”), to escape from a jail, or to bypass security mechanisms
in other ways.

IV. Workaround

No workaround is available, but systems without untrusted local users are not vulnerable.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to 7-STABLE, or to the RELENG_7_1 or RELENG_7_0 security branch dated after the correction date.

For instructions on how to patch your system click here.

Tomahawk Desktop switches to FreeBSD; from Linux

According to this  press release Tomahawk Computers has changed its Tomahawk Desktop from Linux to FreeBSD.

Tomahawk Desktop switches to BSD and raise funds

Tomahawk Computers Pte Ltd, Singapore, the makers of the Tomahawk Desktop operating system, is pleased to announce that the next version of the Tomahawk Desktop operating system would be based on the rock solid BSD code.

Tomahawk Desktop operating system is a general purpose operating system for personal computers/laptops based on BSD code with K Desktop Environment (KDE).

Current predicament of the desktop operating system market is people are in fact left with only two choices, either live with very serious security issues or buy software tied to hardware at high premium. This situation obviously create a lucrative and large market opportunity for us.

Our mission is to offer a secure operating system for desktop, laptop and mobile devices markets based on widely known Unix strengths for both closed source as well as open source applications and drivers to flourish without any legal hassle on wider choice of hardware.

Tomahawk’s main reason for switching is the GPL license and the Linux kernel:

Linux is an operating system kernel. FreeBSD is a tightly integrated operating system release.

Links:

Press Release | Fund Raising & Reasons for switch |  Website

Switching Firewalls from ipf to pf on FreeBSD

Christopher writes:

It’s time to deploy a new FreeBSD firewall, and I thought I’d check out pf instead of my standard ipf package.

pf is written by the OpenBSD team, and was designed to replace ipf because of the licensing issues with that code not being a proper BSD license. There’s also some political issues, but I’ll leave those along.

The Background:

Since the early days my office firewalls have been FreeBSD platforms. I’ve always loved the BSD platform, back from the days where I built an ISP around the BSDi package in the early 90′s.

For as long as I can remember, I’ve been using ipf (ipfilter) by Darren Reed. It became so standard that FreeBSD started including it in their releases which makes life much easier.

…. continues

Read the whole article  (christopher-technicalmusings.blogspot.com – 03/03/2009)

Thank you, Edmondas, for sharing.