Clifton Royston wrote:
On Sun, Feb 17, 2008 at 09:05:51AM -1000, Angela Kahealani wrote:
On Sun, 2008-02-17 04:20:18 Jim Thompson wrote:
I can't believe this hasn't been incorporated in the official OpenSSH
yet, even though it's been out there for years. No wait, I actually
can. The explanation is that the OpenSSH developers are idiots. IIRC,
of the last 4 SSH security holes, 3 were only in the OpenSSH
implementation (and the fourth one was also in OpenSSH).
...
OpenBSD: security via navel-gazing...
Would it be irresponsible extrapolation upon only a few data points,
to conclude that your conclusion is, that Linux has surpassed OpenBSD,
in both speed (both network speed and development speed), and security?
Speaking for myself, not Jim, I'm not sure. The very conservative
approach (read maniacal scrutiny) of many OpenBSD developers towards
new code has been a positive for security (while a negative for
progress) but the blinkered "We can do no wrong" attitude that keeps
cropping up with them gets in the way of the good they could be doing.
At this point they may well cancel each other out on security. At any
rate, I got too frustrated with OpenBSD years ago and switched to
FreeBSD.
It's really impossible to do an apples-apples compare between Linux
and OpenBSD because Linux is a kernel - missing the core utilities and
the package system needed to make up a complete OS. You really need to
look mostly at the latter, because by this point most of the security
vulnerabilities come in at the utilities or packages level. Each Linux
distro has a separate set of policies around it and may have very
different security history, whereas each of the BSD operating systems
is a complete system. While there are still some kernel level security
bugs - one quite recently - lately the rate they're reported in Linux
2.6 has dropped to around the very low level associated with the *BSD
kernels.
When you look more broadly than security... I hate to say it, being a
huge FreeBSD advocate, but it's my gut feeling that at this point the
Linux kernel may have drawn ahead of FreeBSD in general stability, and
FreeBSD is trying to catch up again. I can give some examples, but
they're probably OT. One of these years I really need to see how
NetBSD does on these issues.
-- Clifton
Aloha Clifton,
Yes FreeBSD wins....
I became frustrated with Linux years ago , way to many flavors . As of
today I have 3 servers running FreeBSD 7 and a desktop box and 1
mail server using the FreeBSD (Current) 8 . They just work and FreeBSD
is well supported from the FreeBSD Questions list.
Al
~Al Plant - Honolulu, Hawaii - Phone: 808-284-2740
+ http://hawaiidakine.com + http://freebsdinfo.org + [EMAIL PROTECTED] +
+ http://aloha50.net - Supporting - FreeBSD 6.* - 7.* +
"All that's really worth doing is what we do for others."- Lewis Carrol
_______________________________________________
[email protected] mailing list
http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
