OpenBSD developers might be keen on the 1980s in their artwork, but not in their operating system: Version 6.0 has just landed, and the maintainers have killed off VAX support.
Apart from a logo that pays homage to the cover art for the iconic album The Wall, there's a fair amount of new stuff landing in OpenBSD 6.0.
W^X – write or execute – provides executable space protection. Any page in the kernel address space allocated to a process can be writable or executable, but never both.
From the release notes: “Binaries can only violate W^X if they're marked with
PT_OPENBSD_WXNEEDED and their filesystem is mounted with the new
Christian Weisgerber explains “Without W^X, an attacker can load their own code into memory and then execute it.”
Along with the death of VAX, Linux emulation and
kern.usermount have been removed. The release notes remark that nobody was maintaining emulation (needed to run Linux-only binaries) and almost nobody seemed to be using it.
The loss of
kern.usermount isn't going to ruin anyone's life either, because the
doas command lets users mount devices.
The devs also tout ARM improvements in the release, plus updates to OpenSSH, OpenSMTPD, OpenNTPD, OpenBGPD, and LibreSSL. ®
Sponsored: Webcast: Simplify data protection on AWS