On Thu, Aug 23, 2001 at 08:05:20PM +0000, David Freeman scribbled:
Security, lack of holes.
http://www.openbsd.org/errata.html
On reflection, OpenBSD has been vulnerable to pretty much the same set of holes as any other OS. It was vulnerable to the glob bug, it was vulnerable to the setproctitle bug, the latest set of sendmail bugs, the ptrace/execve bugs that were also in Linux (and appear to still exist in 2.2.19).
Even Linux has security-orientated code audits performed on it now. So how is it more secure/a better choice?
I wasn't aware that Linux had audits like this. Maybe Linux would be a better choice.
They aren't as centrally organised, but they are performed. People like Solar Designer and Chris Evans perform them, for example. But I am sure many others do too (for good or bad purposes).
It's hellishly slow on most low spec stuff that you would normally love to use as a dedicated firewall/small webserver. A P100 with 8 megs of RAM crawls under OpenBSD. The task scheduler is pretty crappy. The same box flies under NetBSD. Oh, and NetBSD runs under about 44 architectures.
But how well audited is NetBSD? How many holes are there in it?
Relatively well. OpenBSD split from NetBSD around version 1.0, because Theo de Raadt, being the darling he is, decided he didn't get along with the core team any longer, so forked. NetBSD is still fairly source compatible with OpenBSD, so patches can easily be ported if anything of interest comes up. I don't know much about NetBSD audits, but it is audited systematically, and centrally at least. NetBSD is really open about bugs and security as well as faults.