2010/1/22 Zamri Besar <zam4e...@gmail.com>: > The insecurity of OpenBSD > http://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/
> The OpenBSD approach to security is primarily focused on writing quality code, with the aim being to eliminate vulnerabilities in source code. To this end, the OpenBSD team has been quite successful, with the base system having had very few vulnerabilities in "a heck of a long time". While this approach is commendable, it is fundamentally flawed when compared to the approach taken by various extended access control frameworks. > The extended access control frameworks that I refer to are generally implementations of MAC, RBAC, TE or some combination or variation of these basic models. There are many different implementations, generally written for Linux due to its suitability as a testing platform. So... the author prefers shoddy, buggy, non-quality code as long as it provides extra access control granularity. Yeah... I stopped reading at that point. regards, --ropers
