l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:03

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Re: OpenBSD and Security
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Re: OpenBSD and Security



On Thu, Apr 12, 2001 at 01:37:17AM -0700, Deja User wrote:

> You should really research OpenBSD if you are interested. They have
> done MAJOR work to secure/harden their system. I read they have
> basically gone line-by-line through the code (and continue to do so)
> to find bugs/insecurities. They have also found many bugs in
> third-party software as a result of their diligence and effort, and
> have contributed these back to the community. They have done a lot
> of hard work, enabling you to get on with the business of serving,
> instead of patching/updating. Since no one can know it all, it is
> nice to know that many have already helped you before you even
> install the system. In this sense, OpenBSD, IMO, is superior
> out-of-the-box than Linux, at least security-wise. However, to each
> his own. (Trusted Solaris!)

Bill's point, I believe, is that BSD uses the same tools for the
things mentioned below that Linux tends to: bind for DNS, BSD ftpd for
FTP, OpenSSH for ssh, Sendmail for mail delivery, etc.  All of these
things have had a history of deep security issues, and affects BSD
exactly as much as it does Linux.

Their kernel is almost the only part of BSD which is really different
from Linux, and the security of that compared to the security of Linux
is debatable.  It is true that Linux kernels often have more
"experimental" and "unstable" sections to them (clearly delineated -
in fact, I've heard at least one BSD user lament the lack of "fenced
out" experimental features in the BSD kernels).  But many would often
point out that because of the rapid development process for Linux,
security flaws (which happen to BSD kernels, too, obviously), are
fixed much more rapidly, since changes to the kernel don't go through
such a stringent review process.  Linux kernels also are more likely
to keep up with the latest "theoretical" security flaws as well.

BSD does have a reputation for being a more robust commercial
environment, and there do seem to be some things which they handle
better in that regard (what those things are, I really can't say).

Micah


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!