Ilja van Sprundel and Michael Smith have done a security audit of the jails sub system of FreeBSD, trying to exploit it and get out of jails.
Over 40 issues were reported to the FreeBSD security system, which van Sprundel praises as very professional and helpful. He also noted that this is not about pointing fingers and laugh, because writing an OS is really hard and painful.
He also developed over 5 different exploits, demonstrated and explained them.
Quite an interesting talk, and how he put it "Exploitation was realistic and way too easy."
As conclusion he's calling for more auditing, don't leak critical kernel pointers, Rust and other measures.
View: https://www.youtube.com/watch?v=obia_Ubu_Rw
Over 40 issues were reported to the FreeBSD security system, which van Sprundel praises as very professional and helpful. He also noted that this is not about pointing fingers and laugh, because writing an OS is really hard and painful.
He also developed over 5 different exploits, demonstrated and explained them.
Quite an interesting talk, and how he put it "Exploitation was realistic and way too easy."
As conclusion he's calling for more auditing, don't leak critical kernel pointers, Rust and other measures.