My take on the philosophy of OpenBSD: Along with "security first", essentially OpenBSD is the by product of whatever it is that it's developers have found interesting to work on. Features that have security holes will be dropped whenever discovered, until some developer finds it interesting to work on them.
Of course some reward might also help a developer find something interesting. That has been known to happen. So, I think, either donating money, employment, or code, or some kind of resource is the answer, each time you find something almost good enough about OpenBSD. Otherwise feel free to use other tools if you need them. There really is no competition in the sense you are thinking. The one place there might be competition, is finding the clarity of great documentation and clean secure code to surround your own efforts as you invest your time beside it. ALH On Sat, 14 Oct 2017, Justina Colmena wrote: > I have migrated from OpenBSD to Fedora for a couple of reasons -- and > these may be outdated, as it has been a while. The issues with OpenBSD > that I ran into personally were as follows > > * limited Unicode / UTF-8 support in OpenBSD: this was an issue > especially for installing databases such as MySQL and PostgreSQL > because there were no good sorting routines available for the > non-ASCII characters which are used in almost all languages except > rudimentary American English. > > * the race conditions that were documented at one time in systrace, > the disappearance of that utility in OpenBSD, and the lack of its > development into anything similar to NSA's SELinux, with the detailed > security policies that are developed for different applications and > services -- such mandatory access control policies, effectively > enforced, for example, theoretically make chroot totally unnecessary > to secure apache httpd. > > * lack of support as a virtualization host -- this need not be the job > of OpenBSD per se, but perhaps a very lightweight, very secure > hypervisor, such as sel4 https://sel4.systems/ for example, could > be run with OpenBSD as its main guest and used to conrol other > guests under virtualizaton. > > I do want to mention, though, that vultr.com offers as one of its > options VPS preinstalled with OpenBSD. I realize that OpenBSD is free > software and a great O/S, but there is always room for development and > improvement, and I just want to offer these points for discussion and > debate. > > I'd like to get back into OpenBSD, especially if there are ideas to > mitigate some of these issues. It would also be interesting if the > OpenBSD team could point out any flaws in SELinux similar to the ones > they experienced with systrace. >
