joe_90 writes "According to RTMX the RTMX O/S has been donated to OpenBSD! Code integration will happen over the next few weeks and probably filter through to the rest of the open source world shortly afterwards.
Cool, we get a real time POSIX feature set at last!"
Let's see; if OpenBSD can guarantee security, guarantee availability, and (hopefully) integrate the RTMX code base, without disrupting the inherent stability, won't that start to give companies like QNX a run for their money?
I am afraid to admit I don't know much about RTMX; has anyone used it before? How important is guaranteed availability to most applications? Is anyone reading this using RTMX for mission critical apps?
BTW, I'm running the new OpenBSD 2.7 release at my web site, and it's been fantastic. It's running Apache with SSL, Samba for file and printer sharing, and Nethack for when I get bored. The install took about 1.5 hours.
Well put. If it were a web server that I had installed for a client, right now I'd be furiously scrambling to fix it...
The Cisco 675 I'm using for the connection is actually fairly robust in terms of routing capabilities, despite it's deceptively small size. So far, so good, at least.;-)
Thanks for the tip about SSLftp. It sounds like just what I've been looking for.
P.S. Doesn't the BSD section of slash seem peaceful today? I swear, I should just delete my bookmark of the front page and come here direct.
Indeed, Samba is inherently vulnerable to the same types of attacks as other file servers, including ftp and nfs. In fact, ftpd is even more vulnerable to attack than Samba is, because ftp passes network passwords in plaintext! Any bozo with a sniffer on your LAN, router, or subnet can snare passwords right out of an ftp logon. On the other hand, Samba can be set to use encrypted passwords, which is not 100% secure, but much better than plaintext.
That, coupled with the fact that I've taken the liberty of creating user accounts on the OpenBSD box specifically to access Samba shares, (which have very few other privileges) makes me more worried about the physical security (i.e. theft, tornado, etc) of this particular box than I am about 'leet hax0rs right now.
I'm not saying this is an ideal setup, but Samba is very useful to have in a shop with multiple clients running Windows NT, 98, MacOS, and Linux. The Samba team has actually done rather well at making it fairly (not totally, as you pointed out) secure, too. They have features that can limit access to files by IP, user-level security, and file-level security.
In theory, you're right; a web server would have no other services running, for maximum security. In this case, it's impractical to buy yet another dedicated server, just for file serving. Most small shops like mine can't afford multiple physical servers, and it's becoming pretty commonplace to see a web server doing double or even triple duty as file servers or proxies. I'm not saying it's a good thing, it's just the way it is.
Here's some food for thought, though; if you had to support a large client base of Winboxen, would you rather be running NT server, or OpenBSD with Samba? I know which one I chose. In fact, we're in the process of migrating most of our services (DNS, Proxy, etc) from NT and even Linux boxes to OpenBSD, purely because of the security and stability.
Nethack, on the other hand, I can't justify. But then again, I don't need to, being the admin and all.;-)
BTW, I heard a rumour there is a more secure form of FTP available, that uses RSA or DSA encryption. Anyone know what that is?
and hey, "where's the beef" on that http://www.rtmx.com/ page? I want more details.
remember your part in all of this
by
eufaula
·
· Score: 2
OpenBSD strives to be the most secure OS in the world and remain free at the same time. not an easy task. Whether or not you agree with deRaadt's personality, remember your part in all of this. I agree with one AC in that if you are whining for features, buy the cd or a t-shirt or poster. They operate off of these revenues, not off of contracts or advertising or etc... So for all of us with halo's above our horns be sure to remember that. If you want something make a contribution. So like the ol' saying goes. Dont bitch about the farmers with your mouth full.
"Randy Lewis of RTMX said they started providing real-time code to the OpenBSD project last October or November, but lately, the integration of the real-time code has become more emphasized."
"Several engineers are currently working on integrating the RTMX O/S code into the OpenBSD 2.7 release, said Lewis. And he said that it will be completely integrated before the OpenBSD 2.8 release (in about six months). Once it is working on at least three architectures, Lewis said, it will be committed to OpenBSD and it will be officially announced."
Slashdot Mirror
I am afraid to admit I don't know much about RTMX; has anyone used it before? How important is guaranteed availability to most applications? Is anyone reading this using RTMX for mission critical apps?
BTW, I'm running the new OpenBSD 2.7 release at my web site, and it's been fantastic. It's running Apache with SSL, Samba for file and printer sharing, and Nethack for when I get bored. The install took about 1.5 hours.
Free music from Jack Merlot.
There was a short discussion about the merits of giving UNIX systems real time capabilities.
0 0006/msg00018.html
Its on the OpenBSD misc-mail list.
http:// www.sigmasoft.com/~openbsd/archive/openbsd-misc/2
and hey, "where's the beef" on that http://www.rtmx.com/ page? I want more details.
OpenBSD strives to be the most secure OS in the world and remain free at the same time. not an easy task. Whether or not you agree with deRaadt's personality, remember your part in all of this. I agree with one AC in that if you are whining for features, buy the cd or a t-shirt or poster. They operate off of these revenues, not off of contracts or advertising or etc... So for all of us with halo's above our horns be sure to remember that. If you want something make a contribution. So like the ol' saying goes. Dont bitch about the farmers with your mouth full.
I went looking for some more details on RTMX O/S - OpenBSD integration and found an article at:
http://www.bsdtoday.com/2000/June/Ne ws196.html
"Randy Lewis of RTMX said they started providing real-time code to the OpenBSD project last October or November, but lately, the integration of the real-time code has become more emphasized."
"Several engineers are currently working on integrating the RTMX O/S code into the OpenBSD 2.7 release, said Lewis. And he said that it will be completely integrated before the OpenBSD 2.8 release (in about six months). Once it is working on at least three architectures, Lewis said, it will be committed to OpenBSD and it will be officially announced."