
From: "Theo de Raadt" <deraadt@openbsd.org>
Subject: Re: 18-year-old security flaw in Chromium and Firefox exploited in attacks
To: CIVINULL <civinull@i2pmail.org>
Cc: ports@openbsd.org, robert@openbsd.org
Date: Fri, 09 Aug 2024 00:07:53 -0600

CIVINULL <civinull@i2pmail.org> wrote:

> https://www.bleepingcomputer.com/news/security/18-year-old-security-flaw-in-firefox-and-chrome-exploited-in-attacks/
> 
> I wonder if the sandboxing of Chromium and Firefox on OpenBSD will prevent it from being affected by this vulnerability.

Sorry, our sandboxing efforts do not solve this problem.

Instead, the problem was fixed in a series of commits in 1998, when the
OpenBSD kernel stopped considering 255.255.255.255 and 0.0.0.0 as
referring to localhost.

sys/netinet/in.c

revision 1.4
date: 1998/02/25 03:45:14;  author: angelos;  state: Exp;  lines: +20 -4;
Disallow TCP connects to 255.255.255.255 or local broadcast addresses.
revision 1.5
date: 1998/02/25 04:53:09;  author: angelos;  state: Exp;  lines: +2 -2;
Pay attention.
revision 1.7
date: 1998/02/25 23:44:57;  author: deraadt;  state: Exp;  lines: +4 -17;
patch could not have been tested. panics machine on boot
revision 1.8
date: 1998/02/28 03:39:56;  author: angelos;  state: Exp;  lines: +20 -4;
Another shot at disallowing TCP connections to 255.255.255.255,
0.0.0.0 and any local broadcast addresses. Tested.


I suspect this work preceded RFCs which didn't require that
bizarre historical behaviour; I have not dug into my mail archives
to remember how this played out.


I forget what protocol worried us back in those days, to let us fix
it.  Today it is chrome and firefox.  Next year this will be some other
protocol or program, because there are operating systems which don't want
to fix this issue (or issues like it) at the correct layer, because they
are unwilling to perform an ecosystem study to find the rare things
using it, force their repair, and then cut out the tumour.