"Marty P. Combs" <[EMAIL PROTECTED]> wrote: > >From my understanding, they spent a lot of time, rewriting components of > the base kernel to prevent buffer overflows and fix other security > holes. That has been the main thrust of their project for the last 3 years, unfortuanetly you pay for it in a poorly supported hardware avenue, and very bigoted distributers. I run two of these servers at my work, and out of the box I have had to do very little to get them to my level of security. There are few suid binaries, all files in the /etc directory are kept in hash tables in memory, and are diffed nightly and sent to you with a system report of disk usage, error messages, and security messages. > >From what I can see, /etc/passwd is generated at boot and only realtes > to the login in an obscure manner. Password info is actually stored in > a database that can only be accessed with "chpass" or "vipw". This is standard BSD practise, actually. Nothing new to openbsd. I think it's a good OS for a pointed purpose. I don't think anyone in their right mind would actually use it for a desktop machine :) Even trying to compile on these boxes has been a frustration, as a lot of software developers have told me 'we don't have a lot of requests for that, so we never bothered'. Chicken and Egg, I suppose. Aaron --------------------------------------------------------------------------- Send administrative requests to [EMAIL PROTECTED]
