Slashdot Mirror


Ask Theo de Raadt about OpenBSD

OpenBSD 2.8 was released today, so this seemed like a good time to ask project leader Theo de Raadt about OpenBSD -- or anything else. He's a rather colorful person: a pizza eater, kernel hacker, and devout rock climber, so even though this is a big day for OpenBSD, you might want to discuss a few other things with Theo, too. We'll choose about 10 of the highest-moderated questions and e-mail them to him shortly after noon (US EST) tomorrow. His answers will appear next week.


  1. Trusted Solaris; Programming tools by Alex+Farber · · Score: 1

    I'd like to know, what does Theo think of Sun's
    trusted Solaris and if he is going to download
    the recently released Solaris source code.

    Another question: what tools do you use for
    hacking? Vim or Emacs? ctags and grep and what
    else? Can you share a few tricks (like some Vi or
    Emacs commands)?

    /Alex

  2. Re:Important Clarification and Comment by Effugas · · Score: 2

    > Huh? You know what CVS is, isn't it ?

    Yes, I can find out what's been changed historically, if I *really* go looking. I have no way of knowing easily that:

    bash-2.04# perl -v

    This is perl, v5.6.0 built for sparc-openbsd

    was compiled from a different codebase than:

    bash-2.04# perl -v

    This is perl, v5.6.0 built for i386-linux

    My point is, if you change the source, change the version. That I can hunt something down in CVS is pretty meaningless if I don't know that I need to.

    --Dan

  3. Kernel design by laertes · · Score: 5

    I have only been using OpenBSD for a short while now, so forgive me if this question is based upon some incorrect assumptions.

    OpenBSD's kernel design seems to be of the monolithic species. OpenVMS (no relation) and NT are two prominent operating systems that use a microkernel architecture. The microkernel design seems to me to be fundamentally more secure, since there is less privileged code. Further, if one of the servers is compromised, the damage is minimized.

    My question is this: Is the OpenBSD design fundamentally secure, or is it only a very well done implementation of a basically flawed design?

    --

    Yes, I'm still a junky. Are you still a bitch?
    1. Re:Kernel design by The+Pim · · Score: 3

      The microkernel design seems to me to be fundamentally more secure.

      Currently, very few vulnerabilities of mainstream (monolithic kernel) systems involve compromise of the kernel proper. I can't think of any off hand. Some involve DOS'ing the kernel (ping of death). Some involve tricking the kernel into sending bad data to someone else (eg, modprobe). I've heard of potential buffer overruns being fixed in Linux, but I've never heard of any being exploited. Perhaps it's because there are too many bugs to exploit above the kernel, or because it's too hard to develop and test the exploits, or because kernel developers are just a careful breed; but making the kernel harder to take over doesn't seem to buy you much in practice.

      Even if you are worried about such attacks, it's not at all clear that a microkernel wins. A great benefit of a monolithic kernel is that the entire development project is more unified. Developers are more likely to be familiar with the whole codebase, aware of interrelationships and finding bugs throughout. This is why Linus insists on keeping megs of random drivers in the kernel distribution. If the parts of a microkernel are developed in more isolation, there are fewer eyes on the whole thing, and more chance of miscommunication. For example, the Linux/modprobe bug mentioned above could just as well have happened between two services in a microkernel-based system.

      --

      The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
    2. Re:Kernel design by Guy+Harris · · Score: 2
      OpenVMS (no relation) and NT are two prominent operating systems that use a microkernel architecture.

      NT's kernel isn't all that micro; network-layer and transport-layer protocols, file systems, and the drivers to which they talk live in kernel-mode code. Some of the Win32 environment is provided by a privileged user-mode server process, but this isn't one of those "almost all the real work is done in servers" microkernels.

      VMS was, at least at one point, more microkernelish, as file systems were implemented in user-mode Ancillary Control Processes (or whatever ACP stood for); I have the impression that the file system code may have moved into kernel or executive mode, however.

    3. Re:Kernel design by DoXaVG · · Score: 1

      Linux kernel 1.2.13 I believe had a buffer overflow in the kernel that was exploitable and was exploited.

    4. Re:Kernel design by jd · · Score: 2
      In reality, side-effects usually cause errors to cascade through a microkernel. It's a nice theory, but not one that has ever been implemented in a workable way.

      (The kernels that -are- secure & stable are impossibly slow.)

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  4. Where Did You Learn Your Code Audit Discipline? by EXTomar · · Score: 5

    Did the drive to audit code come from the need or the design of BSD? Or was it initially a whim? More importantly, where did you learn it from? Is there some "mentor" you looked to for ridge design? I have to admire your team's daunting code reviewing... I wonder if I'll ever have that kind of meticulous coding nature.

  5. Re:encryption by um...+Lucas · · Score: 1

    Ermmmmmmm... American encryption laws are a moot point for a couple reasons... First, the laws don't exist anymore - they've given the okay on exports of encryption to all but the 6 or 7 countries we have embargoes against, and Theo + OpenBSD are based in Canada, making them immune to USA's laws anyhow...

  6. Re:Availability of ISO images by dvNull · · Score: 2

    If Theo made the ISO images available, would you purchase an OpenBSD CD just to support him?

    You *can* do an ftp install or AFS install or even make your own CD. So it's not like you *have* to pay to get it.

    The CD is $30.00 plus S/h, so buy it, get the CD set and have the warm fuzzy feeling of having contributed to the project in some way.

    Btw the T shirts kick ass too


    The number of the beast ...

  7. Re:University of Alberta by Tuzanor · · Score: 1

    the funny part is that openbsd.org is running off solaris :-/

  8. TrustedBSD by XiRho · · Score: 2

    What's your opinion of the TrustedBSD project? I know it's relatively green and AFAIK not much has been shipped off the assembly line other than some rough beginnings. But, that aside, do you think it's too ambitious (or not ambitious enough?) And if it ever does complete its goals do you think OpenBSD will utilize any code from it?

  9. Additional hardware support by stuff-n-things · · Score: 1

    To add to the questions regarding SMP and Ultrasparc support, will there be any support for ADB based PCI Power Macs?

  10. Re:Pizza donations by mcrandello · · Score: 1

    I downloaded and have been using OpenBSD for a couple of months now, and I'm definitely impressed. If someone would explain the two pizza jokes I've seen here to me I feel as if my OpenBSD experience would be perfect...

    Anyway I guess My question would be this- Are you a beer drinker, Theo? If these guys are going to donate pizza, what type of beer would be appropriate and where would I have it shipped?

  11. Gifts May Not Be Taxable :-) by Christopher+B.+Brown · · Score: 4
    On the one hand, if Theo brought in $300K, "10,000 @$30" and didn't have any expenses, that would be pretty impressive funding.

    More realistically, the amounts get diminished in two obvious ways:

    • Theo needs to pay, up front, for the CD "burns." I'd expect that to be around $5/unit, which just ate $50K right there. :-(
    • Many of the CDs are not sold directly, but are rather resold. In which case it's likely something more like $15 that comes in to Theo.
    • Unsold inventory, anyone?

      What doesn't get sold transforms magically into "pieces of chad" that aren't being fought over by Floridian electoral officials, but which rather cost that $5, and result in zero input of cash.

    I'd be surprised if Theo's seeing as much as $100K of "positive" cash flow, all in all. If he's seeing more than that, bully for him; it's not as if he hasn't put in a lot of work that resulted in that.

    As for your suggestion that it would be slick to have a "charity" to handle the money, while part of me agrees, there's definitely room for duality here.

    What I would like to see is for people to take the action of Just Plain Giving Out Gifts to developers that they want to give money to. No "charitable contribution;" no "tax deduction."

    One might think that this is a losing proposition, as there's "no deduction." To the contrary, if there's that deduction, on your side, then the money must be treated as a taxable income on the part of those that receive it as income.

    It's worse than that; employment income involves deductions, which means that lots of the money gets eaten up by taxation.

    In contrast, if you give someone $50 as a gift of your after-tax income, it may not be deductible in your hands, but should correspondingly not be taxable in their hands. If someone received $40K in nontaxable gifts, that might well be as good as receiving $60K in taxable income...

    Food for thought...

    --
    If you're not part of the solution, you're part of the precipitate.
    1. Re:Gifts May Not Be Taxable :-) by DoXaVG · · Score: 1

      I don't know about Canadian law, but in the US I believe the limit to non-taxable gift income is $9,999.00.

      --Dox

    2. Re:Gifts May Not Be Taxable :-) by bgalehouse · · Score: 2
      If donations to the theoretical non-profit were paid to Theo as income, then of course it would be taxed as income. On the other hand, the money could go into hardware, connectivity, or other 'business' expenses paid by the non-profit. In this case, I suspect that it would still be tax free. I think that companies are generally taxed on profits, not revenue. I'd expect non-profits, if taxed at all, to be taxed in the same way.

      Also, I'm no tax lawyer, but I'd expect that total gift income (and certainly any income from CD sales) is taxable once the total amount is sufficiently large. If most of that money was going to support the project, there could be tax savings in creating an organization.

  12. BKL SMP for OpenBSD? by lamontg · · Score: 2
    Are there any plans to make OpenBSD run on SMP systems using a big kernel lock for mutual exclusion? This would seem to be a reasonably simple and safe approach to SMP, if not the best performing one. The usefulness might seem limited but one possible application is an IDS box that sniffed network traffic in one process while handling analysis in other processes running on the other CPUs in user space.

    And focusing on OpenBSD's strengths, a second step to remove the BKL for the networking code could result in useful SMP for firewalling, VPN and IDS applications under SMP. Any plans or thoughts on minimal SMP support like this for OpenBSD?

  13. Re:Time warp by Anonymous Coward · · Score: 1

    I don't think he meant "X" as in "please don't call it X-Windows", rather something along the lines of "say I wanted to implement feature 'FOO'".

    Please remember that the use of "X" to represent "Something" is deprecated, and has been replaced with the more featureful "FOO" :^)

  14. Re:Mountains by tbo · · Score: 1

    Whistler/Blackcomb.

    I hear Fernie isn't too bad, either, if you don't want to drive too far from Alberta. Don't bother Theo with questions that could be answered by any Canadian.

  15. Re:will the zaniness never stop? by cosmic+heat+death · · Score: 1

    that was the best post in the whole article!

    --

    "Smart companies save money by deploying MySQL instead of Oracle." - slashdot post
  16. OpenBSD in Canada by tbo · · Score: 2

    Canada is the centre of development for OpenBSD. With the state of encryption, patent, and copyright laws in many places, do you think there are many other countries in which something like OpenBSD could have been developed?

    What legal trends do you see as particularly threatening to OpenBSD or similar projects?

  17. Re:Making the rest secure by kurth · · Score: 1

    personally - i'd love to see a secure ports tree...it'd make life a hell of a lot easier for us sysadmins :-)

  18. Re:Because Theo is a BIG TIME asshole jew turd by bjtuna · · Score: 1

    I love it when people post shit like this as Anonymous Coward. Man, you wouldn't want to see what I would do to your anti-semitic ass if I knew who you were. Go hide behind your AC, asshole.

    love,

    Brian

  19. Re:Where doe the money go? by AntiBasic · · Score: 2

    Strippers. Lots and lots of strippers.

  20. Re:Mountains by debrain · · Score: 2

    I'm Canadian and asking the question any Canadian could answer? Riddle me not that one!

  21. Pizza! by NTSwerver · · Score: 4

    Theo, would you prefer anchovies or black olives on your pizza?

    1. Re:Pizza! by bob|hm · · Score: 1
      From Theo's personal website:
      I like pizza. A good phone number to call is + (403) 531-3131. I like their medium vegetarian deep-dish. They take VISA and MC. My address is provided a few lines up. Ok, scratch that. Now they won't take foreign VISA/MC anymore! ARGH! I need an alternative.. Please don't order from George's Pizza near my house -- they sell garbage.
    2. Re:Pizza! by uweber · · Score: 1

      Hey who modded this down, OpenBSD is pizzaware, so if that chap wants to send Theo a Pizza (or any of us of course) we should know what he likes.

      --
      --Ulrich
      On no accounts allow a Vogon to read poetry at you
  22. Re:BSD == Satanism by bsDaemon · · Score: 1

    So what?

  23. Re:Easy to use based OS? by Faulty+Dreamer · · Score: 1

    Speaking in terms of the revenue that can be generated from a free software project makes it quite evident that you do not understand the basic principles driving it. Where exactly did I say it had to be another Microsoft? Frankly, the entire Microsoft vs. non-Microsoft crap is just a bunch of gibberish that is thrown into any sort of software discussion simply because people are scared that it might be possible that Microsoft can be sidestepped by someone. The company I work for has sidestepped MS, and more are following.

    It's not that I hate MS, it's that I hate the idea that you are either for or against them. We use the best tool for each job we do. If we ever see a need for an MS based solution, it certainly won't destroy me to use it. Forget the entire "We don't want another MS" rant and realize that another choice to free software is not going to be another MS. I didn't say anywhere that I didn't want something modular. I wouldn't use it if it wasn't package based, or in some way easily managed. And I don't even see the possibility of a free software distro coming out without some form of package management in this day and age.

    Nothing personal against you, but it seems you failed to grasp what I was driving at.


  24. Still hindering? by juuri · · Score: 4

    Hi Theo,

    Do you think your once overzealous (now calmed) ego is still hurting OpenBSD? Or has time calmed the fires?

    In the early days the open fighting between the NetBSD (we won't take changes until hell freezes over) and the OpenBSD (we are the best, you suck) camps was pretty unattractive, to say the least.

    --
    --- I do not moderate.
  25. Re:Unifying the base? by baldusi · · Score: 1

    Have you heard of the KAME project? It's a project to develop an IPv6 subsystem for the *BSDs. And it has apparently been quite successful.

  26. Re:Why FreeBSD? by gorgon · · Score: 1

    Troll or typo - you make the call. Either way, it is OpenBSD not FreeBSD.

    "That fat, dumb, and bald guy sure plays a mean hardball."

    --

    And I'd be a Libertarian, if they weren't all a bunch of tax-dodging professional whiners.
    Berke Breathed
  27. Re:A book on code auditing? by Eck · · Score: 1

    Sure, MS has to publish good books on writing solid code! After all, they leave it to application developers to write extra-solid code in an effort to make up for the platform's instability. Before you laugh, notice what an (unfortunately) successful model it's been for them. :-(

  28. Dear Moderators, by Anonymous Coward · · Score: 1

    This is not a troll. Some explanation as to why it is sensible to have three free bsds actually would be useful, since there is a lot of wasted effort somewhere.

    1. Re:Dear Moderators, by um...+Lucas · · Score: 2

      Why are there 25 free linuxes? Don't we only need one? And geez, what's with all of these operating systems in general? Wouldn't we be better off one, say Windows?

      The BSD's are projects just like any other... They're developed with different mindsets, different goals. And since it's all under the BSD license... the leaders from any of the other BSD's can pick and choose from anything any other *BSD has done. So effort doesn't need to be wasted unless one has a better solution in mind, in which case it's not wasted after all.

    2. Re:Dear Moderators, by dragonfly_blue · · Score: 2

      Can someone explain to me the reason for all these different flavors of ice cream? I like it better when there was chocolate. or vanilla. but this country's gone to hell in a handbasket since they invented strawberry.

      --
      Free music from Jack Merlot.
    3. Re:Dear Moderators, by buster+hyman · · Score: 1

      maybe it's a troll because this person got FIRST POST! you know those frist posters, they're all trolls.

      --

      I had warm bawls.

  29. Question About Chroot by congiman · · Score: 1

    Question about chroot:

    It turns out, from looking at the OpenBSD, SuSE and Red Hat man pages, that chroot is only invokable as root.

    Now I know the idea of chroot is so that programs you do not necessarily trust can be run in a smaller box than that of the entire system and you can put only the necessary tools needed for it to run in this box.

    What I would like to do is take a program that I run chrooted and also have it run as a lower privilege user (than root). I believe this to be a good idea.

    Programs like apache and bind have support for this.

    However there are quite a few programs that do not have support for or understanding of "run_as_user" or a "-u" flag etc.

    Since I can only launch chroot as root, the program I spawn is run as root, granted it's in a chrooted shell, but I would like the program to run chrooted and be run as a low priv user. I certainly don't want to put something like su in the chrooted directory (and maybe even a shell) to have to make this run as another user.

    What is your take on this? Should there be something like a "-u user" flag to chroot?

    Why would this be a good/bad idea?
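The "chroot -u" that the question asks for, as an added C example (not OpenBSD's chroot(8) and not code from this thread): enter the jail, then give up root in the one order that cannot be undone, and refuse to exec if regaining root is still possible. The jail path, user name and program path are command-line arguments; uid/gid 65534 in the self-check is an assumed placeholder for an unprivileged account.

```c
/* Added example for this thread (not OpenBSD's chroot(8) and not code from
 * the post): a minimal "chroot -u" wrapper. It enters a chroot jail, then
 * drops root before exec'ing the program, in the one order that cannot be
 * undone, and refuses to continue if regaining root is still possible. */
#define _DEFAULT_SOURCE 1   /* glibc: declare chroot(2)/setgroups(2) under -std=c99 */
#include <sys/types.h>
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Step 1: confine the process. chdir() into the jail first so the working
 * directory is inside it; chroot(2) itself does not move the cwd, and a cwd
 * left outside the new root is a well-known way out of the jail.
 * Requires root, which is exactly the poster's complaint. */
int enter_jail(const char *dir)
{
    if (chdir(dir) == -1)
        return -1;
    if (chroot(".") == -1)
        return -1;
    if (chdir("/") == -1)   /* "/" now means the jail root */
        return -1;
    return 0;
}

/* Step 2: give up root for good. Order matters: supplementary groups, then
 * the gid, then the uid, because once the uid is unprivileged the first two
 * calls can no longer succeed. Returns 0 on success, -1 (errno set) on error. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0) {          /* "dropping" to root is not a drop at all */
        errno = EINVAL;
        return -1;
    }
    /* Only root may change supplementary groups; an unprivileged caller has
     * nothing to shed here, so skip the call rather than fail on EPERM. */
    if (geteuid() == 0 && setgroups(1, &gid) == -1)
        return -1;
    if (setgid(gid) == -1)
        return -1;
    if (setuid(uid) == -1)
        return -1;
    /* Verify the drop is irreversible: if we can still become root, the drop
     * did not stick (e.g. the saved uid still holds 0) and running the
     * program would be unsafe. */
    if (setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Self-check used by the test: as root, drop to uid/gid 65534 (an assumed
 * placeholder for an unprivileged account such as "nobody"); otherwise drop
 * to our own ids, which still exercises every check above. */
int self_check(void)
{
    uid_t uid = getuid() == 0 ? (uid_t)65534 : getuid();
    gid_t gid = getuid() == 0 ? (gid_t)65534 : getgid();
    return drop_privileges(uid, gid);
}

int main(int argc, char **argv)
{
    if (argc < 4) {
        fprintf(stderr, "usage: %s jaildir user program [args...]\n", argv[0]);
        return 2;
    }
    /* Resolve the user before chroot(): the jail need not contain /etc/passwd. */
    struct passwd *pw = getpwnam(argv[2]);
    if (pw == NULL) {
        fprintf(stderr, "%s: unknown user\n", argv[2]);
        return 2;
    }
    if (enter_jail(argv[1]) == -1) {
        perror("enter_jail");
        return 1;
    }
    if (drop_privileges(pw->pw_uid, pw->pw_gid) == -1) {
        perror("drop_privileges");
        return 1;
    }
    /* The program path is resolved inside the jail, so it must exist there. */
    execv(argv[3], &argv[3]);
    perror("execv");
    return 1;
}
```

Run as root with a jail directory that contains the target program and its libraries; the self-check is only there so the privilege-drop logic can be exercised without root.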

  30. Re:rock climbing and openBSD philosophy by hammock · · Score: 1

    Microsoft Windows 2000 [Version 5.00.2195]
    (C) Copyright 1985-2000 Microsoft Corp.

    C:\>ls
    AUTOEXEC.BAT
    CONFIG.SYS
    Documents and Settings
    Games
    Gravis
    IO.SYS
    MSDOS.SYS
    NTDETECT.COM
    PerfLogs
    Program Files
    RECYCLER
    System Volume Information
    Temp
    WINNT
    arcldr.exe
    arcsetup.exe
    boot.ini
    hua.tmp
    huadio.tmp
    hwa.tmp
    ntldr
    pagefile.sys

    C:\>uptime
    \\THEFOX has been up for: 0 day(s), 2 hour(s), 5 minute(s), 44 second(s)

    Estimate based on last boot record in the event log.
    See UPTIME /help for more detail.

  31. Mac OS X & BSD by maggard · · Score: 4

    What's your take on Apple putting a BSD-layer in their forthcoming Mac OS X? What effect do you see this having on the BSD community & your own distribution in particular?

    --
    I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I won't bother either.
    1. Re:Mac OS X & BSD by maggard · · Score: 2

      Except of course it's a Mach 3.0 kernel, etc. My question stands as-is.

      --
      I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I won't bother either.
  32. Re:University of Alberta by AntiBasic · · Score: 2

    If you were offered an OC connection for FREE would you take it? I'd assume yes.

  33. Two *real* questions by DrQu+xum · · Score: 2
    1. Are there plans to have SMP kernels in OpenBSD (for those archs that support it, e.g. i386, alpha, sparc) ?
    2. Are there plans to support the UltraSPARC platform? I'd let the OpenBSD developers use ours, but it's kinda busy being a 24/7 file server under Slowaris :)


    Thus sprach DrQu+xum, SID=218745.
    --
    DrQu+xum: Proof that the lameness filter doesn't work.
    1. Re:Two *real* questions by Strog · · Score: 1
      I'd let the OpenBSD developers use ours, but it's kinda busy being a 24/7 file server under Slowaris :)
      A generous offer to be sure.

      Seriously though, we need to get some of this hardware in the developers' hands to get the support we want. The two questions should be:
      1. What kind of hardware would you need to have donated or on a long-term loan?
      2. What kind of help do you need to code it and get these projects going?

    2. Re:Two *real* questions by Matthew+Weigel · · Score: 1

      1. Take a look at smp.html. I386 and sparc, and hopefully ppc now that SMP is mainstream on that platform. Note that SMP on alpha would likely only come after the alpha port were revived (regarding which there has been some talk, but I don't know how much code).

      2. Take a look at sparc64.html.

      --
      --Matthew
  34. Re:A book on code auditing? by extar-bags · · Score: 1
    Imagine, if you can, Windows with the stability and security of OpenBSD - would we still treat M$ with such hatred then?

    yes. yes we would, because the /. crowd is just too pigheaded to change. case in point: we can't say enough about how much of a megalomaniacal asshole Bill Gates is, and yet Theo De Rat [sic] can do anything and still be the new Messiah. Remember the whole thing with openssh.org?

    Theo is the single biggest reason to not use OpenBSD/OpenSSH.

    --
    "Rock over London... Rock on Chicago..." -Wesley Willis

  35. Important Clarification and Comment by Effugas · · Score: 2

    Xenophon:

    I'm actually pretty confident that OpenBSD tracks the changes they make, but those changes (I believe) are to the overall package that is OpenBSD, not to the individual files.

    You wrote:

    ===
    I don't think you understand how they package up their releases. It isn't like Red Hat or Debian, i.e. there are no individual packages like perl-5.003-666 or nethack-23-skiddoo.
    ===

    To which I reply:

    ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/sparc/

    That being said, it may very well be that anything that Theo directly touches is considered a critical component and is kept out of the "packages" tree. This would be somewhat surprising to me (given the amount of energy Theo et al. put into creating a "high quality package archive"), but wouldn't be unimaginable. However, it remains unclear what has been touched and what hasn't. Is that really Perl 5.6.0? What about Netcat 1.1.0? I can't even compare binaries; I have to diff source trees.

    Not too long ago, one security guru got taken to task *HARD* for assuming that the version of Debian he had downloaded possessed the same security holes as...uh, that version actually had. Except it was the Debian unmarked modified patched version, and he didn't know. He submitted a total mea culpa...but I'm just not sure he should have.

    This is actually the topic of a paper I've been considering writing, but I think it'd be much more interesting to hear what Theo has to say on the matter first.

    Yours Truly,

    Dan Kaminsky, CISSP
    Cisco Systems, Advanced Network Services
    http://www.doxpara.com

    1. Re:Important Clarification and Comment by airgee · · Score: 1

      I'm actually pretty confident that OpenBSD tracks the changes they make, but those changes (I believe) are to the overall package that is OpenBSD, not to the individual files.

      Huh? You know what CVS is, isn't it ?

      http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/named/named/ns_resp.c

      > > I don't think you understand how they package up their releases. It
      > > isn't like Red Hat or Debian, i.e. there are no individual packages
      > > like perl-5.003-666 or nethack-23-skiddoo.
      >
      > To which I reply:
      >
      > ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/sparc/

      Again :

      http://www.openbsd.org/cgi-bin/cvsweb/ports/net/ntop/

  36. My question for Theo... by Oztun · · Score: 5

    I've read both the FreeBSD and OpenBSD looking for facts to support what is the best choice and only found OpenBSD claims for good security. From talking to people who use the BSD's more than I do I've heard FreeBSD is faster than OpenBSD on average. I've heard that FreeBSD is faster for running user applications and OpenBSD has faster networking code. Is this true and does the 2.8 release change any of this?

    1. Re:My question for Theo... by Dr.+Smeegee · · Score: 1

      OpenBSD audits their code for security, and the auditing gets rid of the worst of the poorly written code, but sometimes, the most secure design is horrifically unintuitive. The newer bits (like OpenSSH) show this the most: you'll need to make a sanity check after looking at some bits of that code.

      I can't speak to the code, but I use OpenSSH and its attendant transfer goodies every day and find the whole Hee Haw gang to be extremely useful and possessed of a very logical interface.

      In the end, I don't have an opinion one way or another on how the code looks to people, as long as it gets the job done and keeps the hottentots out of my business.

    2. Re:My question for Theo... by Oztun · · Score: 1

      Sorry about the grammar, I was being interrupted by work =). I am reposting my question so it makes sense. If my question gets used please quote the following:

      I've read through both the FreeBSD and OpenBSD websites looking for facts to support which one is better. The only thing I've found is OpenBSD's claims for better security. From talking to people who use both I've been told FreeBSD is faster on average. I've heard that FreeBSD is faster for user applications and OpenBSD has faster networking code. Is this true, did I miss any comparisons, and will the 2.8 release change any of this?

    3. Re:My question for Theo... by PapaZit · · Score: 2

      I've yet to find any claims that weren't obviously biased (Open people saying that Open is better, Free people saying that Free is better, etc.). I think of myself as a Linux guy, but I like to play with all of the BSDs.

      My own perceptions:
      FreeBSD is nifty, and accepts code almost as liberally as Linux. That is, poorly written but functional is acceptable. This tends to result in FreeBSD having more nifty features that work before any of the other BSDs. However, the design is very evolutionary and distributed, and some bits of the code are just plain scary. Broken things that lots of people care about (like speed issues) are fixed quickly. Broken things that not many people care about tend to be ignored.

      NetBSD contains the sort of code that'd make CS professors proud. It's clean and well-documented, and there's a lot of thought given to design and the larger picture. Like a CS project, though, it tends to be slow, as the most intuitive way to do things is often not the fastest. There are also times when the "run on anything" focus gets in the way of maximum performance.

      OpenBSD audits their code for security, and the auditing gets rid of the worst of the poorly written code, but sometimes, the most secure design is horrifically unintuitive. The newer bits (like OpenSSH) show this the most: you'll need to make a sanity check after looking at some bits of that code. I really REALLY like the emphasis on security, though. It feels a little bit slower than FreeBSD, but not as slow as NetBSD. I have no hard numbers to back me up, just personal perception.

      --
      Forward, retransmit, or republish anything I say here. Just don't misquote me.
  37. Firewall/NAT box by yamla · · Score: 5
    Linux has FreeSco, a product that fits on a 3.5 inch floppy disk and acts as a router and NAT (Network Address Translation). I always thought something like this would be ideal for OpenBSD. After all, I would rather trust OpenBSD than Linux for this.

    Are there any plans to produce something like this? Something with a very simple user interface that is quick and easy to get set up? I'd love to play with OpenBSD and do it by hand but I simply do not have the time.

    --

    Oceania has always been at war with Eastasia.
    1. Re:Firewall/NAT box by Tuzanor · · Score: 1

      There is something like that for NetBSD here. But it's really just an install disk and lets you do an FTP install to your HD. Which doesn't really matter, because if you're using a comp as a firewall/NAT then you probably aren't going to be using it for anything else and can waste the small HD on an old comp. But ya, an OpenBSD one that fits on a single floppy would be cool.

    2. Re:Firewall/NAT box by Cmdr.+Marille · · Score: 1

      Ahh, well I'm posting something offtopic. I just wanted to note that something like this has been done for NetBSD; look at this link www.dubbele.com

      --

      "Mommy, mommy! The garbage man is here!" "Well, tell him we don't want any!" -- Groucho Marx
    3. Re:Firewall/NAT box by Hard_Code · · Score: 2

      What about PicoBSD?

      --

      It's 10 PM. Do you know if you're un-American?
  38. the tissue box factor by pixel+fairy · · Score: 1
    It installs fast (12 minutes including formatting a 6 gig hard drive on a laptop), is easy to use if you know what you're doing. this means you can quickly be set up for most purposes. the fact that it includes things like a dhcp server, apache, and ipsec means that it makes a great turnkey network thingy.

    the documentation is excellent. almost all man pages have examples of common uses. the faq at openbsd.org is like a users manual.

    the layout is very simple and well designed so you can change things easily.

    has the advantages of the other BSDs, like having all the source conveniently on the box if you want it, and being able to update that for recompiling with cvs. that makes security updates a simple process.

    has great auto-detection of things like ethernet cards (especially ethernet cards)

    it runs on a machine that looks like a tissue box!

    1. Re:the tissue box factor by TGR · · Score: 1

      oh my GOD that was an evil link, man. evil evil evil.

      --

      Voting Moo Anyway!
  39. Re:Blowfish passwords by Greg+W. · · Score: 2

    From crypt(3) (OpenBSD 2.6):

    The Blowfish version of crypt has 128 bits of salt in order to make
    building dictionaries of common passwords space consuming. The initial
    state of the Blowfish cipher is expanded using the salt and the password
    repeating the process a variable number of rounds, which is encoded in
    the password string. The maximum password length is 72. The final
    Blowfish password entry is created by encrypting the string
    ``OrpheanBeholderScryDoubt'' with the Blowfish state 64 times.

    There is no "blowfish key" to keep secret. The password and the random salt are the key. If there were some "secret key", it wouldn't stay a secret very long -- the passwd(1) source would have to contain it, and you'd get it straight from the CVS server (or the CVS snapshot on the CDs).

    A more interesting question, then, is whether it's possible to launch a known-plaintext attack to retrieve the key (and thus the password). The plaintext is in the man page that I quoted above, and the cyphertext is in the master password file. But I'm no cryptographer (I don't even pretend to be one), so I can't speculate on how feasible such a feat would be.
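
    The crypt(3) text quoted above describes two things a practitioner can check directly from a password-file entry: the cost (number of rounds) and the 128-bit salt are both encoded in the string, and only the first 72 bytes of the password reach the Blowfish key schedule. The following Python is an added example, not code from the post or from OpenBSD. It assumes the Modular Crypt Format that OpenBSD's bcrypt writes (a `$2a$`, later `$2b$`, prefix, a two-digit cost, 22 salt characters and 31 digest characters in bcrypt's own base64 alphabet); the salt and digest bytes it uses are constructed for the demonstration, not the output of a real hash.

```python
"""Parse an OpenBSD-style bcrypt ("Blowfish crypt") password string.

Added example, not OpenBSD's code. Format assumed: $2a$NN$<22 salt><31 digest>.
"""

# bcrypt's base64 alphabet differs from RFC 4648 and uses no padding.
ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
MAX_KEY_BYTES = 72  # "The maximum password length is 72" (crypt(3))


def b64_encode(data: bytes) -> str:
    """Encode bytes the way bcrypt does: 3 bytes -> 4 chars, unpadded tail."""
    out = []
    i, n = 0, len(data)
    while i < n:
        c1 = data[i]
        i += 1
        out.append(ALPHABET[c1 >> 2])
        c1 = (c1 & 0x03) << 4
        if i >= n:
            out.append(ALPHABET[c1])
            break
        c2 = data[i]
        i += 1
        c1 |= c2 >> 4
        out.append(ALPHABET[c1])
        c1 = (c2 & 0x0F) << 2
        if i >= n:
            out.append(ALPHABET[c1])
            break
        c2 = data[i]
        i += 1
        c1 |= c2 >> 6
        out.append(ALPHABET[c1])
        out.append(ALPHABET[c2 & 0x3F])
    return "".join(out)


def b64_decode(text: str, nbytes: int) -> bytes:
    """Decode exactly nbytes; the partial trailing bits of the last char are dropped."""
    vals = [ALPHABET.index(ch) for ch in text]  # ValueError on a bad character
    out = bytearray()
    i = 0
    while len(out) < nbytes:
        if i + 1 >= len(vals):
            raise ValueError("bcrypt string too short")
        c1, c2 = vals[i], vals[i + 1]
        out.append((c1 << 2) | ((c2 & 0x30) >> 4))
        if len(out) >= nbytes or i + 2 >= len(vals):
            break
        c3 = vals[i + 2]
        out.append(((c2 & 0x0F) << 4) | ((c3 & 0x3C) >> 2))
        if len(out) >= nbytes or i + 3 >= len(vals):
            break
        c4 = vals[i + 3]
        out.append(((c3 & 0x03) << 6) | c4)
        i += 4
    if len(out) != nbytes:
        raise ValueError("bcrypt string too short")
    return bytes(out)


def parse(setting: str) -> dict:
    """Split a bcrypt string into version, cost, 128-bit salt and 184-bit digest."""
    parts = setting.split("$")
    if len(parts) != 4 or parts[0] != "" or parts[1] not in ("2a", "2b"):
        raise ValueError("not a bcrypt string")
    if len(parts[2]) != 2 or not parts[2].isdigit():
        raise ValueError("malformed cost")
    cost = int(parts[2])
    if not 4 <= cost <= 31:
        raise ValueError("cost out of range")
    body = parts[3]
    if len(body) not in (22, 53):  # salt only (a "setting"), or salt + digest
        raise ValueError("malformed salt/digest")
    return {
        "version": parts[1],
        "cost": cost,
        "rounds": 1 << cost,                # key setup is repeated 2**cost times
        "salt": b64_decode(body[:22], 16),  # 128 bits of salt
        "digest": b64_decode(body[22:], 23) if len(body) == 53 else b"",
    }


def key_material(password: bytes) -> bytes:
    """Bytes that $2a$/$2b$ bcrypt feeds to the key schedule: the password plus
    its terminating NUL, truncated to 72 bytes. Anything after that is ignored."""
    return (password + b"\x00")[:MAX_KEY_BYTES]


def make_setting(version: str, cost: int, salt: bytes, digest: bytes = b"") -> str:
    """Assemble a string in the format above (digest may be empty for a setting)."""
    if len(salt) != 16:
        raise ValueError("salt must be 16 bytes")
    return f"${version}${cost:02d}${b64_encode(salt)}{b64_encode(digest)}"


if __name__ == "__main__":
    salt = bytes(range(16))          # constructed, not random
    digest = bytes(range(100, 123))  # constructed, not a real digest
    s = make_setting("2a", 10, salt, digest)
    info = parse(s)
    print(s, info["cost"], info["rounds"], info["salt"].hex())
    # Passwords that differ only after byte 72 yield the same key material.
    print(key_material(b"A" * 72 + b"first") == key_material(b"A" * 72 + b"second"))
```

    The parser refuses unknown versions and out-of-range costs instead of guessing, and `key_material` makes the 72-byte caveat concrete: two passphrases that differ only past that point hash identically, which is worth checking before relying on very long passphrases.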

  40. Re:Availability of ISO images by Omega996 · · Score: 1
    emacs makes baby jesus cry.

    if Theo and crew release a 'Manga Ramblo' TShirt, i'm SO there...

  41. Re:Embedded/Floppy Based OpenBSD by Depressive+Cyborg · · Score: 1

    This is interesting. Nearly *ALL* floppy based systems/distributions are built around the Linux kernel. I hope there are people out there trying to use other kernels (obsd?, fbsd?, hurd?, comma^H^H^H^H^H)

    BTW, if anyone out there is going to hack a special kernel for floppy systems, let me know. :)

    When I close my eyes, there's a rootprompt in the upper left corner

  42. Re:OpenBSD ISO Policies by TheLer · · Score: 1

    It's all about the funding. I believe the CD sales are OpenBSD's main source of income, and if you could download an ISO, CD sales would diminish greatly.

    Sometimes you by Force overwhelmed are.

  43. Re:A book on code auditing? by stu_coates · · Score: 1

    Maybe MS doesn't read their own books - but a lot of them are great

    That was the point I was making... both of the books have very good points in them and are certainly worth reading if you're not familiar with "defensive programming". It's just a shame that M$ don't always practice what they preach on the subject.

    Imagine, if you can, Windows with the stability and security of OpenBSD - would we still treat M$ with such hatred then?

  44. Re:A book on code auditing? by boedicker · · Score: 1

    "The Practice of Programming", by Kernighan and Pike, is also good.

  45. A "capabilities" model for OpenBSD? by Nonesuch · · Score: 2
    What is your opinion of the "capabilities" model of security, as implemented in Linux or in SecureOS, a BSD-variant used by Secure Computing's Sidewinder firewall?

    Will OpenBSD ever support "role accounts" with the ability to perform very specific functions that would otherwise require superuser access?

    1. Re:A "capabilities" model for OpenBSD? by scrytch · · Score: 2

      > What is your opinion of the "capabilities" model of security, as implemented in Linux

      Here's my opinion: Linux capabilities aren't. You want real capabilities, check out EROS.

      --
      I've finally had it: until slashdot gets article moderation, I am not coming back.
  46. Direction of OBSD by commandant · · Score: 2
    First, I'd like to know what hardware the majority of OBSD users run. Is it a vast majority, or are people fairly evenly divided? Second, given the first part, what direction is OBSD headed? Are you going to keep the status quo as long as that's sufficient, are you going to work to put OBSD on larger-scale hardware, or will you try to scale it down like many are trying to do with Linux?

    I do not belong in the spam.redirect.de domain.

  47. coo by streetermurdock · · Score: 1

    Just wondering where I can get more info on *BSD; I know nothing about it. -:-:-:- http://angelifre.com/mt/streeter

    1. Re:coo by streetermurdock · · Score: 1
    2. Re:coo by streetermurdock · · Score: 1

      Other than the obvious link posted, it won't tell me what I seek.
      Such are websites.

      -:-:-:-
      http://angelifre.com/mt/streeter

    3. Re:coo by Tuzanor · · Score: 1

      You typed that wrong; you forgot the r in search ;-) Here is the full link.

  48. Re:Making the rest secure by squiggleslash · · Score: 1
    I don't believe that the OpenBSD development team could successfully authorize other developers' software without code changes, but your example of ISC BIND does illustrate how a 'secure ports' tree could work without me needing to.

    OpenBSD is already shipped with BIND, an older version than usual, but one that has been code audited thoroughly. A secure ports system would consist of a standard port, with the usual checksums/version numbers to ensure a trusted tarball is used as the base for such a port, and a collection of patches to remove/fix known security issues.

    There certainly isn't a "need" to rely on the third party to commit changes, though obviously such changes should still be submitted, any more than there was a need for Theo's team to wait until BIND4 was released with their changes before shipping it with OpenBSD.

    As others have pointed out, there is a manpower issue here, but that said, with many people interested in ports of specific products, it would seem likely to add to the developer base to an extent if at least the mechanism for a secure ports collection were put in place.
    --
    You are not alone. This is not normal. None of this is normal.
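
    The "trusted tarball" step of the secure-ports idea above is a checksum pin: the port carries the digests of the exact tarball that was audited, and a fetch that yields anything else must fail before any of the port's patches are applied. The following Python is an added example, not the OpenBSD ports code. It assumes a distinfo-style file of `ALGO (filename) = hexdigest` lines, the shape the BSD ports trees use; the tarball, the distinfo text and the tampered copy are all constructed inline so it runs offline. Weak or unknown algorithms are not counted toward the decision, so a distinfo that lists only MD5 fails closed.

```python
"""Verify a ports distfile against pinned digests before patching it.

Added example, not OpenBSD's ports code. Assumed distinfo line shape:
    SHA256 (example-1.0.tar) = <hex>
"""
import hashlib
import hmac
import io
import re
import tarfile

DISTINFO_LINE = re.compile(
    r"^(?P<algo>[A-Za-z0-9]+) \((?P<name>[^)]+)\) = (?P<hexdigest>[0-9a-fA-F]+)$"
)
# Only these count toward a verdict; MD5/SHA1 entries are parsed but ignored.
ACCEPTED = {"SHA256": "sha256", "SHA512": "sha512"}


def parse_distinfo(text: str) -> dict:
    """Return {filename: {ALGO: hexdigest}}. A malformed line is an error, not skipped."""
    table = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DISTINFO_LINE.match(line)
        if not m:
            raise ValueError(f"distinfo line {lineno}: cannot parse {raw!r}")
        table.setdefault(m["name"], {})[m["algo"].upper()] = m["hexdigest"].lower()
    return table


def verify_distfile(name: str, data: bytes, table: dict) -> bool:
    """True only if every accepted digest pinned for `name` matches and at least
    one accepted digest exists. No entry, or only weak entries, means False."""
    pinned = table.get(name)
    if not pinned:
        return False
    checked = 0
    for algo, expected in pinned.items():
        if algo not in ACCEPTED:
            continue
        actual = hashlib.new(ACCEPTED[algo], data).hexdigest()
        if not hmac.compare_digest(actual, expected):
            return False
        checked += 1
    return checked > 0


def build_sample_distfile() -> bytes:
    """Constructed stand-in for a fetched source tarball (not real software)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        src = b'#include <stdio.h>\nint main(void){puts("hello");return 0;}\n'
        info = tarfile.TarInfo("example-1.0/main.c")
        info.size = len(src)
        info.mtime = 0
        tar.addfile(info, io.BytesIO(src))
    return buf.getvalue()


def demo() -> dict:
    """Run the check against the pristine tarball, a tampered copy, a weak-only
    distinfo and an unlisted filename; returns the four verdicts."""
    data = build_sample_distfile()
    name = "example-1.0.tar"
    # What a port maintainer would commit after auditing exactly this tarball.
    distinfo = (
        f"SHA256 ({name}) = {hashlib.sha256(data).hexdigest()}\n"
        f"SHA512 ({name}) = {hashlib.sha512(data).hexdigest()}\n"
    )
    table = parse_distinfo(distinfo)
    tampered = data[:-1] + bytes([data[-1] ^ 0x01])  # one flipped bit
    weak_only = parse_distinfo(f"MD5 ({name}) = {'0' * 32}\n")  # constructed digest
    return {
        "pristine": verify_distfile(name, data, table),
        "tampered": verify_distfile(name, tampered, table),
        "weak_only": verify_distfile(name, data, weak_only),
        "unlisted": verify_distfile("other-2.0.tar", data, table),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:10s} {'ok' if ok else 'REJECT'}")
```

    Only after `verify_distfile` returns True would a port proceed to unpack the tarball and apply its patch collection; anything else stops the build rather than silently building from an unverified base.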
  49. smp by NateKid · · Score: 1

    What is the status of SMP? I belong to the mailing list and there is little traffic (2 comments a week, or so). I realize that there are bigger issues at stake than performance, but changes to the scheduler (to make it SMP-ready) can usually be done pretty transparently, or even (like with Linux's "#ifdef SMP"s) in a way that locking primitives cause a box to take no performance hit when the kernel is compiled without SMP support. So, what are the chances of an ambitious youngster revamping the scheduler for SMP support sometime before 3.0? Scheduler changes usually don't introduce security holes (except for the occasional DoS :)) if done right.

  50. Packages? by iamsure · · Score: 4

    With the effort underway by www.openpackages.com, and with the correlating efforts on the Linux side by Conectiva to make an apt-rpm bridge, do you think it would be a good thing, from a security and OS-level point of view, to have a single type of package?

    Does your team support the efforts towards a unified package structure?

    Further down the road, if one package structure does develop for *BSD, would you also support an effort towards a common package from *BSD to linux?

    Thanks for a great OS..

  51. What about IA64? by dbrower · · Score: 2
    The silence on IA64 from the BSD crowd is deafening. Why is that? For server applications, it would seem like BSD would be very plausible as a good choice if it were available.

    -dB

    --
    "It if was easy to do, we'd find someone cheaper than you to do it."
    1. Re:What about IA64? by Guy+Harris · · Score: 2
      The silence on IA64 from the BSD crowd is deafening.

      Low volume != silence. There is an IA64 FreeBSD port in progress, although it's in its very early stages; I don't know whether the NetBSD folk are doing anything with IA64, but they've probably at least considered it.

  52. Re:University of Alberta by spectatorion · · Score: 1

    www.openbsd.org is just a mirror on a SunSITE (hence the Solaris), done as a favor to the OpenBSD project. www.usa.openbsd.org and openbsd.groupbsd.org both run OpenBSD. openbsd.rt.fm has just been added. Note: www.usa.openbsd.org is run from Canada (assumedly by the project itself), but I was unable to determine the locations of the other OpenBSD sites, although their IPs are similar. The SunSITE running openbsd.org is also in Canada.

    -----
    #cd /

  53. Re:Trust by timpen · · Score: 1

    That paper is by Ken Thompson. Good hack though? Eh?

  54. Re:Time warp by Balp · · Score: 1

    All of that story is on Theo's home page; it was NetBSD he started to port to those cards, if I follow the story correctly. But in the end OpenBSD came of it. (He has a long story about the NetBSD - OpenBSD split on his personal page.)

  55. where is OpenBSD going? by cheezus · · Score: 1
    I am a Linux user, but I have some friends who run OpenBSD servers who would never consider another OS because of security concerns. As a workstation user, I appreciate the power and stability of Linux. Linux is starting to compete with Windows in the UI/ease of use area (although it's obviously not there yet). Do you consider OpenBSD to fit a certain niche such as the ultra-secure server, or is it slated for Total World Domination as Linux hopes to reach? Can you persuade me, as a normal desktop Linux user, to switch to OpenBSD?

    --
    /bin/fortune | slashdotsig.sh
  56. Code-auditing by AT · · Score: 5

    Any advice for code auditors? Can you share any tips or techniques you have found useful in uncovering bugs? What do you first look for in a fresh piece of code? What about a mature piece of code?

  57. Serious kernel related... by Anonymous Coward · · Score: 4

    Boxers or briefs?

    Elaborate.

    1. Re:Serious kernel related... by vectro · · Score: 2
      This was posted to the OpenBSD-Advocacy mailing list today, in response to the above:
      If there's any chance of arranging design and pre-order support for boxers before Theo posts responses, themed boxers for:

      'Blowfish'
      'Demon Inside'
      'Hardened'
      'Another Quality Package'
      'Unbelievable Uptime'
      'Yes, it's open.'
      This is not the first time OpenBSD boxers have been suggested, but it seems there are no companies that will silkscreen boxers.
  58. Slackware by Shadowlion · · Score: 1

    Let me ask you this question about Slackware.

    When you encounter some software that you want to install on Slack that doesn't exist in packaged form (meaning it's either just source, or not in a proper .tar.gz package), what do you do?

    Do you convert it into a package and then run it through pkgtool, or do you simply eschew the use of pkgtool and handle your system manually?

    If the latter, do you keep track of what files are installed where? If so, how?

    Thanks (from somebody who keeps vacillating between Debian and Slack, and who would like some of his Slack questions answered! :)


  59. Re:A book on code auditing? by Shadowlion · · Score: 1

    Theo is the single biggest reason to not use OpenBSD/OpenSSH.

    Pffft.

    I don't care how big of an asshole somebody is, if they write good, solid code that does what I want/need, I'm using it. Why boycott a piece of software because it's connected to someone who has a bug up their ass?



  60. Linux publicity by Stephen · · Score: 3

    How do you feel about the amount of publicity Linux has got in the press in the last couple of years, as opposed to the relatively low profile of the *BSDs?

    --
    11.00100100001111110110101010001000100001011010001 1000010001101001100010011
  61. Re:Embedded/Floppy Based OpenBSD by kan-fu · · Score: 1

    Check out the emBSD project. It aims to create a stripped down, small footprint distribution of OpenBSD for embedded devices.

  62. Mountains by debrain · · Score: 2

    Soooo ... where's the best place to ski/snowboard??
    :)

  63. Re:major point: *BSD is Dying by daemonix · · Score: 1

    BSD is dying? Unlikely, I think; not in 10 years from now.. FYI I'm considering installing NetBSD this month.

  64. Dual Processor Support by dragonfly_blue · · Score: 5
    Although there has been some indication that people are interested in running OpenBSD on machines with dual or quad processors, it appears that there are not enough resources and volunteers available to make this a reality. Although I use OpenBSD for my web server, I am by no means an expert at this, but I'm curious nonetheless.

    From what I've heard, multiprocessing support is going to be a very tricky thing to implement, because it gives rise to so many possible exploits, particularly with regards to race conditions. I also understand that it would take a remarkable amount of effort and time to rewrite much of the code base for SMP without compromising the OS's integrity.

    With that in mind, what kind of resources would you need before you could seriously consider attempting dual or quad processor support? And, if you were given unlimited access to those resources, how long would it take before a -stable release would be ready? I would really like to see this feature get implemented, although I know that at this point your developer team is busy enough as it is.

    --
    Free music from Jack Merlot.
  65. Ports Collection by pdholden · · Score: 1

    Sir Theo de Raadt,
    There is talk about all the BSDs having a unified ports collection. I know that OpenBSD can't audit every software port, and the OpenBSD site quotes: "we strive to keep the quality of the packages collection high." I would believe that ports security is still an issue.
    My questions are: Is OpenBSD wanting a unified ports collection? How will this affect the proactive security stance of OpenBSD? What roadblocks stand in the way of this happening?
    -pdholden

    1. Re:Ports Collection by pdholden · · Score: 1

      I am quite aware of that... Hmmm.. I guess I did word that incorrectly. What I had intended to convey is that despite the fact that they don't audit ports, they try to keep high quality... by being aware of what goes in the collections. But if it is unified, could they be as discretionary?

  66. Re:New Miss Blowfish Logo by shking · · Score: 1

    > From the file name, it looks like she's called "Sushi". ... and Sushi says "Fugu" to script kiddies

    --
    -- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
  67. Re:Rock Climbing by bomek · · Score: 1

    Climbing is the best thing to stay alive! Coding and climbing are also the only things I do :-)

  68. Re:More a question of personal preference by BJH · · Score: 1

    Actually, I've found it pretty much impossible to strip a Red Hat install down to anything less than 250MB without resorting to --nodeps, which kind of defeats the purpose of having an RPM database.

  69. New Miss Blowfish Logo by Azog · · Score: 2

    Thanks for OpenBSD, Theo. It runs my firewall.

    I love the cute new version of the blowfish logo! From the file name, it looks like she's called "Sushi".

    So my questions are (a) Who is the artist, and (b) When will there be a T-shirt with a picture of Sushi printed really big?


    Torrey Hoffman (Azog)

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
    1. Re:New Miss Blowfish Logo by jcs · · Score: 1

      from the announcement, the artist is Ty Semaka.

  70. rock climbing and openBSD philosophy by 311Stylee · · Score: 1

    Considering the philosophy of proactive security in regards to OpenBSD, how does this influence your ethical position in rock climbing? I really am asking if you are a Rad or a Trad climber.

    along the same lines, do you feel the openBSD philosophy influences other parts of your life too (ie. physical security to your residence or whatever else springs to mind)?

    finally, do you think (upcoming) wireless technology will influence climbing? explanation: often, local routes can only be found by enlisting the help of local climbers or locally produced guidebooks; with a wireless computer connection you could hypothetically access on-line climbing guides (which are a lot easier to put online than to get published) for just about anyplace....

    also, what's the hardest route you've done/flashed?

    thanks, 311stylee


    C:\>ls
    bad command or file name
    C:\>uptime

  71. Why no ISO images... by sergio · · Score: 1

    Theo,

    Nice work, but if there are no ISO images downloadable I doubt that the product is used very much... therefore it has not been reviewed a lot... so then... apart from a bit of self-inflicted damage (or need for cash), why is it that you insist on copyrighting those ISO image distributions? Just to keep BSD to a few select users (as usual :-)

  72. Re:Making the rest secure by rgmoore · · Score: 2

    How about looking at tools to allow insecure software to be used without compromising the integrity of the system? The effort to produce a secure OS base is largely wasted if adding new programs trashes the security. It's nice to have an OS like OpenBSD as the basis for high security bits like firewalls, but it's never going to get beyond a niche market if the security evaporates the moment that desktop/workstation applications are installed. What kinds of things is OpenBSD doing to help make it easier for developers to make secure applications?

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  73. Notoriety through obscurity? ;-) by Anonymous Coward · · Score: 1
    If they don't write this kind of a book the auditors would seem to be defending their tools and methods by security through obscurity.

    ;) MG

  74. OpenBSD vs. Bastille Linux by drfalken · · Score: 1

    In the recent /. interview Jon Lasser and Jay Beale commented that they believed OpenBSD was impractical, missed vulnerabilities and basically missed the point of OS hardening. How do you respond to this point of view?

    "The question everybody asks, in a million different ways (sorry, I'm not going through the thread again to pick out users; you know who you are):
    Why do this? Why not just use OpenBSD?

    Jon: Because people use Linux. Ultimately, standard is better than better. For most tasks, most of the time, assuming that the stuff meets minimum qualifications, it's better to have a single platform than multiple platforms that fulfill different needs.

    Besides, a fair part of OpenBSD's security comes from its feature-limited default installation. They've been subject to the same FTP and DHCP exploits as everyone else, only the features aren't enabled by default. Heck, they're not enabled by default for most classes of Red Hat installs either. But people use them.

    I'm not opposed to auditing, and I'm not opposed to more secure defaults. But most boxes sure seem to me to be hacked via holes that are known, that have been out for months, in services that aren't being used, and that haven't been patched. We speak to those systems first, since the low-hanging fruit is so extensive.

    Jay: Yup. Further, Linux has room to surpass OpenBSD, in my opinion. Linux developers are doing more kernel-level security work, because of Linux's popularity as a standard. OpenBSD, as Jon points out, misses vulnerabilities, because their auditors are human and non-omniscient. Kernel-level security solutions, like Medusa DS9 or WireX's Immunix technology, are the only way to really stop the vulnerabilities that the audits miss. Linux can really rocket ahead here and I think the whole Bastille project will be eager to help."

  75. Re:Why *Open*BSD? by citmanual · · Score: 1

    I want to know why this post managed a rating of 2.

  76. University of Alberta by yamla · · Score: 1

    OpenBSD seems to be hugely popular at the University of Alberta, particularly in the Department of Computing Science. Could you talk about why this is so, why the department settled on OpenBSD instead of some other Unix, how OpenBSD is used there, and why several staff at the university work on the OpenBSD project?

    --

    Oceania has always been at war with Eastasia.
    1. Re:University of Alberta by Tuzanor · · Score: 1

      Yeah, I figured as much. You kinda think that they would have just given them a pipe and a box to run off of OpenBSD. If the wrong people notice that it's running on Solaris (management types, sigh) then they'll come to the conclusion that they're wannabes and that "OpenBSD isn't even good enough to run the servers of the people that make the OS." Then again, the way BSD people are, I doubt they care. That just means that there's one less person who shouldn't be running BSD that now won't, which is also a good thing.

    2. Re:University of Alberta by KeLp · · Score: 1

      Probably because Bob Beck, who is a big OpenBSD developer, works there. And check out where www.openbsd.org is hosted. That's not a coincidence either.

  77. Availability of ISO images by Sturm · · Score: 2

    I was wondering if you had any intention of making ISO images available for download any time soon. I personally think that part of Linux's appeal to the average person is the ability to easily burn a CD and give different distributions a try. Is the ISO thing just a money issue?

  78. Pizza donations by kurowski · · Score: 2
    I am a great fan of OpenBSD, having supported the project through CDs, T-shirts, and cash donations. But what I would really like to donate to the OpenBSD project is pizza.

    Have you considered the technical feasibility and nutritious benefits of a pizza donation form on the openbsd.org site? Perhaps powered through partnership with a local pizza joint?

    1. Re:Pizza donations by imr · · Score: 1

      Isn't it somewhere in the Samba project? In the HOWTO?

    2. Re:Pizza donations by foo22 · · Score: 1

      The pizza "joke" is that people used to buy Theo pizza. To quote from zeus.theos.com/deraadt:

      I like pizza. A good phone number to call is + (403) 531-3131. I like their medium vegetarian deep-dish. They take VISA and MC. My address is provided a few lines up. Ok, scratch that. Now they won't take foreign VISA/MC anymore! ARGH! I need an alternative.. Please don't order from George's Pizza near my house -- they sell garbage.

    3. Re:Pizza donations by kurowski · · Score: 1

      Hey, now that you mention it, I actually remember reading that a while ago. Well, that sure makes my original post sound dumb.

  79. Re:Time warp by Dr.+Smeegee · · Score: 1

    Hmmmm.... I have never heard of this "man foo" style you describe. I am a high adept of the "Chi Ken" school of "Run Fu".

  80. OpenBSD/Plan 9? by Eponymous+GNU+HURD · · Score: 2

    One of the criticisms i've heard of OpenBSD - merited or not - is that it faces the past, and concentrates more on fixing an existing model than on exploring new opportunities. Do you see OpenBSD sticking with its 4.4BSD baseline for the forseeable future, or would you consider moving towards a post-UNIX model like Plan 9? And speaking of Plan 9, what do you think of the Plan 9 License, http://cm.bell-labs.com/plan9dist/license.html

  81. question to Theo by vvikram · · Score: 1

    Most of the stuff in the "competing" OS [kernels] has now all been thrashed out and thought through, at least design-wise. New features _are_ being added but are usually due to market demand, some modifications or just keeping up with competition :) But for OpenBSD there must be a single big technical innovation on the top of your wishlist. NO, I am not talking about the usual "will it be more of a desktop OS" or "where is OpenBSD heading" etc... I am talking about any single OS or kernel enhancement you would love to have, giving you a solid [if not for long] advantage in the near future over the others. Security auditing was one such thing; do you have any other up your sleeve? If you would care to share it with us.....

  82. SMP Status by halbritt · · Score: 1

    Earlier in the year it was announced that SMP support was being developed. On the web site it states, "SMP (Symmetric MultiProcessor) support is not yet in OpenBSD, but there exists a project, started in February 2000, to bring said support to at least the i386 and sparc platforms." What is the current status of SMP and are you targeting a specific release for it?

  83. More on future plans of the project by spectatorion · · Score: 1

    Are there any plans on implementing a journaling file system for OpenBSD? I know that this (along with SMP) is a major factor for enterprise acceptance. IBM has released what it calls "JFS for Linux" and SGI has released its XFS under GPL as a Linux kernel extension, plus there is ReiserFS (now in 2.4, I believe). Because of the GPL, these projects could not be completely integrated into OpenBSD. Although I will remain a faithful OpenBSD user regardless, I was wondering if we can expect a journaling file system in any upcoming releases of OpenBSD.

    -----
    #cd /

  84. Re:Time warp by rho · · Score: 2

    Heh!

    You're absolutely right, though. I completely forgot. Guess I need to brush up and do a "man foo".

    --
    Potato chips are a by-yourself food.
  85. Re:Dual Processor Support (Addendum to above) by Greg+Koenig · · Score: 1

    Due to the merger between BSDi and Walnut Creek, FreeBSD will soon be getting the benefit of fine-grained SMP from BSD/OS. When this code becomes available in the FreeBSD codebase, do you think it will have a large impact on the deployment of SMP in OpenBSD? That is, would you expect to be able to directly leverage much of this code for use within the OpenBSD codebase?

  86. Whoops... by FortKnox · · Score: 1

    Sorry. I'm used to typing FreeBSD. I shoulda just said BSD in general. It is a typo and should read OpenBSD.

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
  87. Binary patches? by jfedor · · Score: 2

    Will there ever be binary patches for security bugs found in OpenBSD? It would be more convenient than recompiling every time, I wouldn't need the extra disk space and it would save some time.

    -jfedor

  88. Re:Other *NIXes by Prophet+of+Doom · · Score: 1
    You're asking Theo de Raadt if an OS is not secure? (actually, you asked about insecure...)

    Thats like asking a lawyer if something is worth suing over.

  89. Re:A book on code auditing? by stu_coates · · Score: 2

    Microsoft have beaten them to it... some years ago they came out with this

    I use my copy that was bought by the PHB to raise the height of my monitor - and it's been stable for years. Ironic?

  90. Full Disclosure And Version Numbering by Effugas · · Score: 5

    Theo--

    First of all, I want to thank you for the hard work you've done building OpenBSD. It truly is a wonderful package.

    Much of the security in OpenBSD lies under the hood in the work you've done cleansing the source of unsafe library calls. While this work is appreciated, I've become more and more concerned lately about the fact that these changes are not necessarily documented and certainly not reflected in the version number of an application or utility.

    Version numbers reflect a snapshot in the life of a codebase. They're used to reference unsafe editions or particularly stable builds. Major numbers reflect code branches, but minor numbers reflect specific states of the code--such is the expectation of a user or an administrator when a version number is detected. Without granularity of versioning, I have no reason to trust or distrust a given application by its number; I must personally audit its source--and end up giving it a number of my own.

    You and your team are code auditing masters. Rather than pollute the namespace by making indistinguishable your securely built modified code and the original(and, by extension, your secure code and numerous unnamed distributions' "just get it to compile" modifications), wouldn't it be appropriate for OpenBSD to apply a name extension to any package which it has modified, and in the interests of full disclosure, to provide a reasonable CHANGELOG of the fixes contained therein?

    Yours Truly,

    Dan Kaminsky, CISSP
    DoxPara Research
    http://www.doxpara.com

    1. Re:Full Disclosure And Version Numbering by Xenophon+Fenderson, · · Score: 2

      Well, all of their code is in CVS. Every time one commits a change in CVS, it bumps the RCS version number. Also, if traffic on source-changes@openbsd.org is any indication, they are pretty good at logging what they do to their code, so maybe the answer to your question is effectively a grep of their CVS data.

      I don't think you understand how they package up their releases. It isn't like Red Hat or Debian, i.e. there are no individual packages like perl-5.003-666 or nethack-23-skiddoo. In CVS, one can have vendor releases that are imported as branches off the main line, to be integrated at some later date, so again this may become a matter of writing some kind of reporting system for their CVS tree.

      Does any of this make sense?


      Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
      --
      I'm proud of my Northern Tibetian Heritage
  91. Hey Biker by Jafa · · Score: 2

    So what's your favorite local ride (within about 3 hours of home)? What's your favorite ride overall, anywhere? And the obvious required question from one biker to another: what's your best carnage story? :)

    Stay muddy,
    Jason

  92. Re:OpenBSD's niche in the computing world by Chocodile · · Score: 2

    I wouldn't say that it has a clunky interface, exactly, or a higher learning curve. What it has is actually a very simple and elegant interface which encourages and assists you in learning in depth about your system very rapidly. Admittedly, my first free Unix-like system that I installed was Debian GNU/Linux (Specifically, "slink"), and I thought it was pretty easy to do, and people are always bitching about that, so YMMV.

    Regardless, I found the interface to be refreshingly simple, and it gave me a great deal of control over my system. I'm now completely addicted to OpenBSD. Sure, there are some things about Debian I miss, but there were things that I missed about Windows when I switched to Debian. And in both cases, I feel the benefits I get from the transition far outweigh the sacrifices I have to make.

    The ports system goes a long way to making things easier, much as apt does with Debian. So I can browse with a graphical browser, I can use KDE if I want, I can use Dia, the Gimp, and most other programs I find important for doing work. The main thing that needs to be done to make OpenBSD just about perfect for me as a Workstation OS is to have more supported audio programs, and part of that could just be ignorance on my part.

    Anyway, I've been using OpenBSD as my workstation OS for the past six months, and I've been very happy with it.

    --
    -Chocodile "Thud on top, I ate the chocodile." -from "Disseminated" by Soul Coughing
  93. Thanks by swagr · · Score: 1

    I had actually read an example a while ago in some compiler book based on the information in that paper (or maybe based on the article Ken couldn't find either). It's hard to forget an example like that, but it's easy to forget what reference you got it from (I did).

    Anyway, it is a good point, and thanks for pointing us to a nice paper about it.

    --

    -... --- .-. . -.. ..--..
  94. Where doe the money go? by MrSparkler · · Score: 5

    I've seen reports of estimated CD sales per release at being as high as 10000. Add in t-shirt/poster sales and donations and a relatively considerable sum of money is flowing around OpenBSD. Combine this with the fact that checks are to be written to Mr. de Raadt and I get curious as to how the finances are handled. Not that I'm suggesting any misappropriation is occurring, I would just like to know who is in charge of the money and whether or not the OpenBSD project is registered as a non-profit organization (and if it is then checks should be made out to - and the CD image should be copyrighted to - that organization). Also, I would like to see a small financial report put out (as would be required if it were a non-profit organization in Alberta) so that users can see where their money is going. Plus, I would also like know exactly how many CDs are sold per release.

    I greatly appreciate the work that the OpenBSD project developers have put in, and I plan on continuing to use, purchase, and donate to OpenBSD (and maybe even contribute when I get the technical skills) regardless of the answer to this question: Where exactly does the money go?

  95. Question by Anonymous Coward · · Score: 2

    Theo, has any other development team approached you, asking you to implement your model and technique of code auditing? Even Microsoft should be interested in it.

    Also, are there any plans to integrate Biometric hardware support into OpenBSD, to get rid of the human factor somewhat? Biometric capable OpenSSH would be a good start... Biometric capable login software...

    Thanks for your time,

    The Lerfted One

  96. Re:Rock Climbing by lonely · · Score: 1

    Well, I am just starting, but it is well relaxing.

  97. Re:Where does the money go? by MrSparkler · · Score: 1

    Damn. I missed the "s" in the title.

  98. OpenBSD on laptop by LM741N · · Score: 2

    Well, I must be one of the more insane OpenBSD users, since I believe that it is the perfect OS for the laptop. My ability to use built-in encryption with cfs and tcfs makes it perfect for storing those company trade secrets, marketing data, sales info. Swap is encrypted as well. The atapiscsi CDR capability for IDE is wonderful as well. My question is: are you going to continue to make OpenBSD laptop friendly? Thanks, Rob.

  99. Re:Man Foo by rho · · Score: 1

    Man Foo is derived from the more common "man chu", but with an emphasis on bar weapons.

    You can see examples of the style in a couple of movies, "Legend of Accounting Master" (Hong Kong) and "Masturbatory Fists of Fury".

    --
    Potato chips are a by-yourself food.
  100. Your take on TrustedBSD by spoonboy42 · · Score: 3

    OpenBSD is widely recognized, both inside and outside of the hacker community, as being an incredibly secure, stable, and robust operating system. Yet when the TrustedBSD project was recently founded to create a *BSD that would eventually be certified for use in the most sensitive areas of the US Government, FreeBSD was used as a starting point. Why do you believe this decision was made? What argument would you make for (or against) the use of OpenBSD in such a case?

    --
    Anonymous Luddite: "What do you think of the dehumanizing effects of the Internet?"
    Andy Grove: "Not Much."
  101. OpenBSD Documentation by nzkoz · · Score: 1

    I have installed OpenBSD on my desktop machine and a few routers/firewalls over the past 8 months. With each successive experience I'm completely amazed at the quality of the man pages. Returning to linux and trying their man pages is a Horrible experience.

    Does the development team see the need to develop a linuxdoc.org style web based documentation project, or will man pages continue to be the focus?

    --
    Cheers Koz
  102. Re:A book on code auditing? by CentrX · · Score: 1

    The title of the book says that it's Microsoft's techniques. It seems that those techniques don't really work.

    --

    "The price of freedom is eternal vigilance." - Thomas Jefferson
  103. Re:Let's open the question up in one direction by mrbinary · · Score: 1

    Great question! If my vote counts, I personally prefer the minimalist, KISS approach that I get when I'm using OpenBSD. It's very easy to install (and damned fast too!) especially with all of the documentation available on the website, or on the CD liner if you buy the CD's. Which BTW you should - support what you believe in!

    Graphical supposedly easy tools ain't always the solution: When I tried to install RH6.2 over OpenBSD 2.7, some of the OpenBSD partitions didn't get removed by Disk Druid (Yeah, OK I probably shoulda foreseen that this might happen) so my kernel panicked when I tried to boot the first time. Course the problem was discovered using the more comprehensive (but probably less newbie friendly) fdisk and corrected, but not until after I had fscked around for awhile chasing other bogeymen. Admittedly this is not a situation most users will run into, but demonstrates that sometimes the more precise tool is not as "user friendly" but much more thorough and actually ends up being easier to use in the end.

    I like the idea of a steeper learning curve for a secured OS - computers are complex systems and I think it's worth learning things in greater depth for users that want that extra measure of security. If you want fair security but don't want to learn the intricacies of your computer, stick with Win2000, fairly secure for the average user. Businesses are a whole different discussion.

    Kudos & mucho thanks to the website maintainers for the OpenBSD site as well as the rest of the OpenBSD dev & maint team, it rocks. I too am looking forward to ordering & enjoying 2.8!

    --
    ----
    Slán leat agus go n'eirí an bóthar leat
  104. Re:Satanic rituals in the worship of Darkness by mrbinary · · Score: 1

    You're wasting your considerable writing talents... I think this is precisely the reason many of us use *BSD... have an evil day.

    : ^ )

    --
    ----
    Slán leat agus go n'eirí an bóthar leat
  105. Blowfish passwords by Octal · · Score: 1

    Why does OpenBSD use Blowfish to secure the passwd file rather than simply using an MD5 hash like other Unices? It seems to me that using a symmetric cryptosystem would be more of a burden than a boon in this situation, since you have to keep the Blowfish key secret, rather than just hashing the user passwords as typed and comparing them to the /etc/passwd entry.

  106. Re:Time warp by halbritt · · Score: 1

    IIRC Theo was contracted to do the mvme68k port. Some commercial entity needed *nix for their industrial computers and funded the development. So, I imagine that if feature "foo" was interesting enough, it could be paid for. Theo has stated himself that many people are using OpenBSD for commercial applications, particularly embedded systems and such. I know for a fact that Network Flight Recorder uses OpenBSD. I've seen very little anti-commercial attitude among the developers on the mailing lists. However, Theo has expressed his displeasure at the corporatism and market hype revolving around FreeBSD and Linux and how the design goals and development of OpenBSD will continue without corporate influence.

  107. java support by tricker · · Score: 1

    Sun has supplied JDKs for Solaris, M$, and Linux (thanks to Blackdown). Is there any hope of them jumping on the BSD bandwagon?

  108. Security == Correctness by -=[+SYRiNX+]=- · · Score: 1

    It seems to me that the high level of security in OpenBSD is due to a careful effort toward correctness more than anything else. This not only improves security, but performance and reliability as well. Is this how you view it as well?

    What do you think it would take to get companies to apply that same level of up-front care and correctness to ALL of their own products? For instance, I bet you would never get Microsoft to invest that kind of development cost in any home consumer flavor of Windows, because all their usability and marketing results tell them that most home consumers value an abundance of features over anything else. Why would/should Microsoft spend development costs on up-front correctness/security audits of a home consumer OS if it won't dramatically increase sales?

    --
    - "It's just a matter of opinion!" - PRIMUS
  109. Re:Rock Climbing by NorthernDarkness · · Score: 1

    If you read his page, you'll see that he's a scrambler ("peak bagger"), not a technical climber. It's truly surprising how many programmers and engineers are into climbing of some sort (given the proper geographical locale). Rock climbing and writing code are practically all I do...

  110. Time warp by rho · · Score: 5

    Thanks for your work, Theo. I use OBSD every day as a workstation and as a firewall, and the Cop-chasing-script-kiddie t-shirt is the best.

    If you could time warp back to the beginning of OpenBSD's development (ignoring the schism that brought you to that point), what would you do differently? Would you have chosen a more commercial focus? Pushed SMP development earlier? Run around in circles waving your hands in the air?

    On another note, what's your feeling about commercial use of OpenBSD? I.e., do you support it, tolerate it, or what? (Better example: I make a set-top box running OpenBSD, and I need the OS to do "X". If I called you and said, "Theo, I need OpenBSD to support 'X'", would I be told to piss up a rope, write it myself, or would the OpenBSD team do it for a price?)

    --
    Potato chips are a by-yourself food.
    1. Re:Time warp by nocomment · · Score: 1

      Why don't you just install it? the packages are there...

      --
      /* oops I accidentally made a comment, sorry */
      /* http://allyourbasearebelongto.us */
    2. Re:Time warp by Morten+Liebach · · Score: 1

      % man foo
      man: no entry for foo in the manual.
      %

      No foo in OpenBSD, sorry.

    3. Re:Time warp by Jose · · Score: 4

      > On another note, what's your feeling about commercial use of OpenBSD?

      The OpenBSD team is happy to have the commercial use of OpenBSD... a quote from their web page: "OpenBSD encourages companies and independent developers to create products for use with OpenBSD, or based on OpenBSD itself." [1]

      They may or may not implement "X" for you though. I would imagine that if what you want is of general interest to everyone, they would probably do it for free; if not, you could contact some of the developers on this page, and they would probably be happy to help you out... for a price.

      [1] taken from http://openbsd.org/products.html

      --
      The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
  111. Theo by swagr · · Score: 3

    What do you think about Bruce Schneier saying "Security is a process, not a product." Is OpenBSD a secure product?

    --

    -... --- .-. . -.. ..--..
  112. Re:Results of OpenBSD's code audit by KeLp · · Score: 1

    I already have a pretty good idea of what his answer will be to this one. Read bugtraq long enough (and talk to Theo a few times in person) and it becomes pretty obvious.

    Their CVS repository is public, and they have a commit logs mailing list. You can also look at http://www.OpenBSD.org/plus.html for really important changes, and ones for which patches were made. The other BSDs (and anyone else for that matter) are free to check these resources as often as they want for the results of the OpenBSD source audit.

  113. Re:Making the rest secure by pdholden · · Score: 2

    I think it's an issue of manpower...
    The site quotes: "The ports & packages collection does NOT go through the thorough security audit that OpenBSD follows. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security."

  114. Let's open the question up in one direction by twilight30 · · Score: 2

    (No pun intended of course)

    To what extent do you see OpenBSD using more graphical tools as part of the system and install? Newbies coming to Linux in the last year now have a range of handholding options that make security and other decisions on their behalf, often with little merit, along the lines of the 'let's keep it in line with the Windows-style experience'. Do you think OpenBSD should make any moves in this direction?

    Very much looking forward to ordering 2.8.

    --
    ========================================
    Death will come, and will have your eyes
    -- Pavese
  115. Re:Trust by Anonymous Coward · · Score: 1

    Hmmm, I wonder if this could actually work... It seems to me like the assembler could be subject to the same exploit as the C compiler (Kernighan actually mentions this on his page). But perhaps you could make the cc directly in machine language (together with comments in assembly) and leave it up to the reader to find out that the two are one and the same. Kernighan also mentions something about microcode, but I'm not really sure how you could do that unless you were Dell or HP or something. In any event it's an interesting point. I wonder what someone with a little more experience in the security realm than myself (like Theo) would say about it...

  116. Re:just a quick one by nocomment · · Score: 1

    You have preferences, use them. Hide all the stories you want, hide all the articles you want... sheesh.

    --
    /* oops I accidentally made a comment, sorry */
    /* http://allyourbasearebelongto.us */
  117. Re:A book on code auditing? by RocketJeff · · Score: 3

    I hate replying to what is probably a flamebait, but...

    Writing Solid Code : Microsoft's Techniques for Developing Bug-Free C Programs by Steve Maguire is a good book on the subject. Ignoring the obvious anti-MS mindset of the original poster, this book has good techniques for any platform.

    One of the books I rate higher than this is Steve McConnell's "Code Complete," which is also from MS Press. Maybe MS doesn't read their own books - but a lot of them are great.

  118. Several Questions... by thedesertfox · · Score: 1

    Theo,

    I hope you are able to answer these questions (if they get to you).

    1. I'm still learning C but I would like to know if you have any advice on learning how to program drivers for OpenBSD...(I have a Vortex 2 Sound Card that I'm hoping to see if I can port once I have a good ability to write in C).

    2. I understand that someone has (to some extent) ported GNOME to OpenBSD, is there a plan to have it in the collection anytime soon?

    3. How do you feel about 5 years of OpenBSD?

    4. And if you don't mind me asking, what's your favorite OpenBSD artwork?

    --
    Los Angeles: 1,000 suburbs in search of a city.
  119. Other *NIXes by n3rd · · Score: 4

    Theo, what are your general thoughts on the other UNIX variants out there? Is Solaris too slow? Is IRIX waaay insecure?

    Also, which UNIXes do you enjoy working with (other than OpenBSD)?

  120. Sparc install problems by svinto · · Score: 1

    I've been trying to install OpenBSD on an old headless Sparc with a serial console for years. In the errata for OpenBSD 2.8 there is a known bug and a patch for serial console on sparc. Great, I'm glad someone finally found the bug. But how do I install the damn thing, when no patched kernels seem to be available?

  121. read the faq dumbass by ArchieBunker · · Score: 1

    http://www.openbsd.org/faq/faq3.html#3.1.2

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
  122. how do I MAKE my own ISO image? by ConsumedByTV · · Score: 1

    I have been trying to figure out how to make my OWN ISO image, not download one from you (I read the FAQ), but I can't figure it out. How can this be done? Do you have instructions somewhere where I can find out how to make a bootable OpenBSD CD installer? I just hate to use floppies, and even then I can't have all the ports on one floppy. Can anyone help me with this? It's hard to start using a new "Better than the rest" system if you can't even install it. I really have a hard time seeing how OpenBSD is better than FreeBSD if you can't install it easily, and I don't mean click, click, and you're done, I mean some good instructions on how to make a CD bootable (what files, untar this, untar that, etc.). I understand that the CD layout is copyrighted but I find it a pain that I can't install this OS, I really want to try this. FreeBSD isn't that great, on default install it had something like 15 ports open, I know that OpenBSD won't have that, so clearly if I am going for BSD I should go for the more secure one, right? Can someone help my poor confused self? Jake@callatg.com

    --
    "Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
  123. Installation by gruntvald · · Score: 1

    The installation of OpenBSD is horrible, compared to just about any OS. Are you going to improve this? How about a handbook? Having a "sample" response printed on the CD cover is not what I'd consider adequate.

    1. Re:Installation by db · · Score: 1

      I really disagree here. If you take the time and read a little documentation before you begin, namely the INSTALL.i386 file, it provides a step-by-step walkthrough of the process, and when you think about it, it's pretty logical.

      I've installed OpenBSD on many occasions, and I've never had a single issue with the installation process. I find it really easy to install via FTP or HTTP.

      --
      Dave Brooks (db@amorphous.org)
      http://www.amorphous.org

  124. Re:Making the rest secure by electricmonk · · Score: 2

    Tools like these already exist to somewhat prevent total system compromise through the compromise of one application. chroot and jail() are good examples, although I am uncertain whether OpenBSD has jail() (FreeBSD does, so it wouldn't be too much of a stretch to say OpenBSD does...).

    --
    Friends don't let friends use multiple inheritance.
  125. Results of OpenBSD's code audit by Linux+Freak · · Score: 1

    I was just wondering if the results of OpenBSD's code audit are then shared with the other BSD projects (FreeBSD, NetBSD)?

    (Aside to other Slashdot readers: By the way, www.kerneltrap.com is preparing to interview some developers at BSDi, so if you're interested in systems programming or kernel architecture, why not suggest some good questions there as well?)

  126. Secure File Deletion by gh1111 · · Score: 1

    I know that you integrate a lot of security into the kernel as well as the operating system as a whole through the use of cryptography, code auditing, small base install, swapfile encryption, etc. But I have not seen OpenBSD do anything with secure file deletion. I know that there are programs around that will securely delete files, but that depends on the user remembering to use it with certain files, not with others, etc. What I was wondering was whether you have ever considered implementing secure file deletion in the kernel in such a way that when a partition is mounted, a flag can be given either through fstab or the command line that will cause the kernel to automatically securely delete files on that partition and not others? What do you see as the pros and cons of this, and do you consider it a valid idea?

  127. Re:OpenBSD's niche in the computing world by divec · · Score: 1

    > The ports system goes a long way to making things easier

    How easy is it to uninstall something which has been installed using the ports tree?
    --

    perl -e 'fork||print for split//,"hahahaha"'

  128. Re:Easy to use based OS? by Art+Tatum · · Score: 1

    There are steps underway to get GNUstep running on OpenBSD. (It can be done even now, but it's difficult). GNUstep is really starting to pick up speed and acquire some end-user applications. I'd say it should make a killer desktop environment in the next couple of years, especially when people start to write applications for MOSX.

  129. Linux vs. BSD by Mdog · · Score: 2

    Personal bias aside (heh), what considerations should a person take into account when choosing between OpenBSD and another free operating system which shall remain nameless?

  130. OpenBSD's niche in the computing world by shamino · · Score: 3

    What is your intention for OpenBSD in the computing world? Most knowledgeable people wouldn't doubt it is a great operating system and that it fits very well providing network services (I for one use it as a firewall, NAT router), but its clunky interface (and higher learning curve) is keeping it from being a top notch workstation (a la FreeBSD, Linux). Do you have any plans to increase OpenBSD's usability as a workstation type operating system? --Shamino

    --
    Butchers make the bestest meat; sugar sugar sugar beet!
    1. Re:OpenBSD's niche in the computing world by jslag · · Score: 1

      > How easy is it to uninstall something which has been installed using the ports tree?

      See for yourself ...
      http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_delete&sektion=1&apropos=0&manpath=OpenBSD+Current

    2. Re:OpenBSD's niche in the computing world by MadPhatTim · · Score: 1

      > [...] but its clunky interface (and higher learning curve) is keeping it from being a top notch workstation (a la FreeBSD, Linux)

      I have to disagree with that. OpenBSD makes a fine workstation OS. Just for starters, the generic kernel has sound support built in, unlike the generic FreeBSD kernel. What clunky interface are you talking about? csh (or tcsh/bash/etc. if you prefer) is virtually the same on any Unix-like OS. Windowmaker, KDE, etc. are in the ports tree if you like pretty windows.

      I don't want to get involved in the *BSD vs. Linux holy war, but I don't see why you think OpenBSD is less suitable as a workstation OS than FreeBSD.
    3. Re:OpenBSD's niche in the computing world by Marasmus · · Score: 1

      I would agree strongly with Chocodile on, well, all of his points!

      OpenBSD is by no means any more difficult to learn or use than, say, RedHat. OpenBSD has very thoroughly and concisely documented information on their system, their methodologies, etc. Their tools are respectably inter-operable and close-knit. RedHat has a number of undocumented and/or poorly/obscurely documented system files, system utilities, and other core components that should be handled with better care.

      I started using Debian, then went with Slackware (still my #1 Linux), tried FreeBSD (and HATED IT@##@$@), and then used OpenBSD. Currently there is ONE reason why OpenBSD is not on all of my servers (it's on half of them): support for only 8 character usernames. Its stability also exceeds that of Linux by orders of magnitude, with my hardware.

      As far as workstations go, I have a SparcStation IPX (40 MHz) that served as an X workstation until 3 weeks ago, when I got a Sparc 5/110 for next-to-free. I entirely didn't need to upgrade from the IPX - it was a fully usable workstation that ran surprisingly well. Not many operating systems can do that with a 40 MHz machine. :)

      I'll make one complaint (and it's probably not really OpenBSD's fault): On the SPARC architecture, I can't compile ORBit, thus I can't compile GTK, and thus I can't use xmms. That's my only complaint.

      --
      .... um, i lost you after "0110100001101001".
  131. Security education by Art+Tatum · · Score: 2

    I'm pretty sure that the core GNUstep developers would be interested in auditing their code for security. The question is how to educate third-parties on the auditing process. I'd be interested in knowing your thoughts on this.

  132. Security's place in OpenBSD by kjetilod · · Score: 1

    When was the decision made to make security the prime concern for the OpenBSD effort? Was this in the back of your mind when you left NetBSD? Did the developers joining OpenBSD contribute to this decision?

  133. More a question of personal preference by Xenophon+Fenderson, · · Score: 1

    Personally, I think OpenBSD has a very clean, very easy to use install. The only thing that needs to be improved is when one partitions the disk (and the needful improvement there isn't so much a "make it a nice GUI" but "add a command to Do the Right Thing automagically"). Contrast OpenBSD's install (choose from seven packages) with Red Hat's install (choose from 600-something RPMs) or Debian's install (choose from several thousand DEBs), and maybe you'll start to see where I'm coming from. It is next to impossible to strip a Red Hat install down to a useful subset without spending a half-hour (or more) going through the list of RPMs.

    Again, this is a matter of personal taste.


    Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
    --
    I'm proud of my Northern Tibetian Heritage
    1. Re:More a question of personal preference by Faulty+Dreamer · · Score: 1

      Believe me, I do understand completely where you are coming from. I too have fought with Linux installers trying to get a "bare-minimum" system installed, and it is a huge pain.

      The only thing I was trying to ask is, why not have something "other" possible. I realize that OpenBSD is a great and tight little system. But, unless you are already a Unix guru, or at least willing to learn Unix fairly well, you either:
      A) Won't have much use for a "standard" full installed OpenBSD system.
      or
      B) Will not be able to get enough installed on top of the "standard" full install to make a nice, clean, and "easy-to-use" (by the normal "idiot-friendly" standards) system.

      My question wasn't about changing the current OpenBSD, but about how Theo, and/or the other OpenBSD team members would feel about another group pushing the desktop/easy-to-use/idiot-friendly type of installer and desktop system. I don't have the energy to pursue it (especially alone), but someone out there might do it if the interest was there.

      Seriously, who wouldn't love an OpenBSD system with KDE2 + Mozilla + OpenOffice with a full code audit done on every piece of software on the system for their desktop/laptop? I just wondered if the current OpenBSD team would support such an effort, or mock it because of the dumbing-down effect (or appearance, as the case may be).

  134. How's the alcohol project? by nanolith · · Score: 1

    According to Theo's web site you have been making alcohol...

    Any further success? (inquiring fans want to know ;) )

  135. Trust by dirtyhippie · · Score: 5

    What are your thoughts on Brian Kernighan's paper "Reflections on Trusting Trust"? It almost makes a code audit seem hopeless, because not only does one have to audit all of the code one compiles to trust it, but also all of the code that generated that code (i.e. previous versions of your C compiler).

    Would it be possible to, say, make a very small, very simple (read: no optimizations) C compiler written in assembly for each architecture, and compile gcc (or whatever our system compiler is) with this trivial compiler first? It seems to me that this would eliminate the problem of having to know whether the entire history of whatever code we were running was trojan-free or not. If this is in fact possible, is it something that you would be interested in having in OpenBSD? In any event, keep up the good work!

    1. Re:Trust by dirtyhippie · · Score: 1

      Oops..... If that question makes the list given to Theo could someone change the typo in the orig so that it says Ken Thompson instead of Brian Kernighan... I had it wrong in the orig (thanks for pointing that out)...

    2. Re:Trust by tietokone-olmi · · Score: 1

      Or, you could disassemble the original C compiler and look for suspicious sections. Although I won't believe that they've actually done that.

  136. Easy to use based OS? by Faulty+Dreamer · · Score: 4

    As someone who has used (and still uses) OpenBSD from time to time I have been extremely impressed with the security and the fact that it installs a "minimal" system that you can later build up.

    However, as a person that deals with new entries into the use of open-source/free software on a regular basis, I have often wondered about the possibility of an easy to use/install version of OpenBSD. I realize in the past that the OpenBSD team has sort of shrugged off the ease of use idea as unimportant when compared to the security issues, and that is all well and good for the primary drive of OpenBSD. However, as a person that would like to see people become more security conscious (or at least aware of security as an issue), and a person that would love to see common desktop systems become far more secure, I have often wondered about developing a solid desktop system on top of OpenBSD.

    My question is not whether or not you and the OpenBSD team would themselves do this. I believe you have addressed this in the past (with a resounding "not now"). But I would be interested in whether you would support an effort to do this sort of project or not. If a group were established with the sole purpose of developing a desktop distribution based on OpenBSD (and auditing every line of the desktop applications as well as your current team does the base system), would you look at that as a positive for OpenBSD, or a negative? Would you be willing to communicate with the individuals that would be attempting this, and occasionally help them out with coding issues if they asked? Or would you at least voice support for an effort such as this? Or would you flat out separate "real" OpenBSD from any attempt to make it more "user friendly"?

    I would be very interested in your response.

    1. Re:Easy to use based OS? by Vspirit · · Score: 1

      Faulty Dreamer,
      Your idea is very appealing to me, a simple dreamer who wishes to see more Unix based desktop solutions deployed at our customers with ease of use for the customer, but although I am an executive and do have financial considerations, I am always a dreamer, else I have no visions to base our business on. As a dreamer I am idealistic and hope Theo is likewise.

      From my point of view I would rather support an implementation you do on top of the base system so it is based on modularity. So instead of focusing on integrating it all into one box, do protect the freedom of choice and preserve modularity. Something for the BSDs as Helixcode/Gnome is doing while focusing on Linux.

      You apparently aren't as $$$ oriented as you fear, since you bring up the issues indirectly, which must be your consciousness speaking out indirectly.

      With the financial cap on, I can add that the idea of modular packages seems more appealing as well. We don't want another Microsoft solution. It's a matter of philosophy.

      Ok, well, hope you could use my 0's and 1's. Good luck.

  137. OpenBSD ISO Policies by Logic · · Score: 4

    Given the proliferation of cheap (a la CheapBytes) and free (from zedz, for example) ISO images of OpenBSD CDs, and the far more "available" nature of your *BSD and Linux competition, do you believe that your copyright (and through it, the official OpenBSD policies you've created) on the layout of the OpenBSD CD is still warranted? Why?

    --
    -Ed Felix qui potuit rerum cognoscere causas.
  138. Forking and Cooperation - one issue or two? by jonesvery · · Score: 1

    In the context of the NetBSD/OpenBSD fork, an earlier poster asked "do you see any chance for greater cooperation in the future, or do you see more forking and division as inevitable?"

    Others have asked about the possibility of making OpenBSD more desktop-friendly.

    My question, then, is this...
    Do you think that the increasing mainstream awareness of *NIX is pushing developers towards:

    • Building a single "one size fits all" *NIX OS?
    • Specialized distributions that are developed in cooperation, with an eye to working and playing well together?
    • Some other model entirely?

    Coke Is It (1982)
    --

    * * *
    It is a dada story -- it has no moral.

  139. Embedded Devices and Speed by EverCode · · Score: 1

    Linux is making huge advances with embedded devices. Will OpenBSD (or any BSD) try to keep up with Linux there?

    Also, do new security advances, like an encrypted swap file, slow down performance significantly?

    --

    EverCode
  140. is the industry's *nix craze good? by Anonymous Coward · · Score: 1

    With almost all current operating systems being Unix-based now, what are your feelings about this? While a Unix code base clearly gives upstart OSes a great beginning, won't this eventually lead to a dead end, innovation-wise? Are we already approaching the dead end?

    On a similar note, wouldn't the industry benefit hugely from a new OS (open source?) that's not another Unix? Even if such an OS never becomes as good as a *BSD or Linux, the process itself would benefit the entire open source community.

  141. Systems Programming by Semaphore · · Score: 5

    Hi Theo,

    First, thanks for your work. I use OpenBSD every day for both workstations and servers. It's hard to beat.

    My question is: How did you get started with OS programming? I guess reading books (such as The Design and Implementation of 4.4BSD by McKusick & Bostic) together with source is one way to start. But which path did you take, and how would you recommend getting into the details, given that a solid knowledge of C, application development, etc. is present?

    Good luck in the future!

  142. I thought everybody here worshipped Satan. by ahfoo · · Score: 1

    The poster must have been aware of this because they didn't log in. That makes the message particularly odd.

  143. Performance in relation to other Open OSes by dmelomed · · Score: 1

    I know performance is not a primary focus of OpenBSD, but how does it compare when running I/O intensive tasks (preferably multithreaded applications) to FreeBSD and Linux? Does it carry any scalability features like FreeBSD's kernel queues? Are there any highly scalable daemons in planning? Have there been any large installations of OpenBSD similar to Yahoo or Hotmail?

  144. A book on code auditing? by LizardKing · · Score: 5

    Would you and/or other members of the OpenBSD coders consider writing a book on secure, bug-free coding and auditing? Most programming books feature sample code that is written for pedagogical purposes. Quite often this runs contrary to how secure code should be written, leaving a gap in many a programmer's knowledge. A book on auditing and how to avoid security pitfalls when coding would also make your life easier - less code to audit for OpenBSD, and more time to concentrate on nifty new features!!!

    Chris

  145. Making the rest secure by squiggleslash · · Score: 5
    OpenBSD has a well deserved reputation for security "out of the box" and for the fact that the inbuilt tools are as secure as they're ever likely to be. However, the Ports system is, perhaps, an example of where the secure approach currently has limitations - an installation of OpenBSD running popular third-party systems like INN can only be so secure because the auditing of INN, and other such software, is outside the scope of the BSD audit.

    My question is, has the OpenBSD team ever proposed looking into how to create a 'secured ports' tree, or some other similar system, that would ensure that many of the applications people specifically want secure platforms like OpenBSD to run could be as trusted as the platforms themselves?
    --
    You are not alone. This is not normal. None of this is normal.
    1. Re:Making the rest secure by Marasmus · · Score: 1

      This is a horrible example, verging on a flame, but eliciting ideas is what I'm all about:

      Do you think that, for example, OpenBSD could successfully authorize other developers' software (let's use the ISC BIND server as an easy example) without code changes? My opinion would be that they could not do this. The reason is that the OS team would have to FULLY audit every third-party program. They would have to report back possible bugfixes (to CVS, hopefully with commit privileges), wait for another release version, and re-audit again! I believe it would tie down the OS developers too much in babysitting others' code to work on their own.

      It would be a very cool idea if they could find a better-than-lukewarm way of doing this, but I for one do not see a feasible way of doing it.

      --
      .... um, i lost you after "0110100001101001".
  146. Rock Climbing by neutrino · · Score: 4

    Theo,
    I also am an avid rock climber and I was wondering what level you climb at and what you feel is your biggest climbing accomplishment. Do you do big wall or any mountaineering, or do you just do sport climbing and bouldering?
    --neutrino

    --
    History has the relation to truth that theology has to religion-i.e. none to speak of. - Lazarus Long
  147. What sets Open BSD apart? by Atreides_78723 · · Score: 3

    Assuming you are speaking with someone who is somewhat unfamiliar with OpenBSD, what would you say sets it apart from other operating systems? Why would it be preferable to *nixes or NT or whatever else someone could think of?

    --
    "...heroic hearts, made weak by time and fate, but strong in will, to strive, to seek, to find, and not to yield."
  148. Why FreeBSD? by FortKnox · · Score: 1

    What is it about FreeBSD that makes it more desirable over all other forms of *NIX? I'm a Linux user and haven't been convinced on why to switch to FreeBSD. What do you think are the advantages of your project over other OS's?


    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
  149. A couple of questions. by h0p · · Score: 1

    First off, great work on OpenBSD.

    (1) I have been looking into the new Linux 2.4 kernel that is coming out, and its new advanced routing sections look very impressive. Specifically the policy based routing (including user based routing), traffic sharing/load balancing, GRE tunnels, and class based queueing (SFQ, RED, TBF, etc.). Is OpenBSD going to include advanced routing techniques similar to the new Linux kernel any time soon?

    (2) Juniper Networks are using FreeBSD for some of their routing equipment; what do you think of the possibility of an OpenBSD based router?

    (3) Bastille Linux (a Linux hardening program) is getting some decent comments lately. What are your thoughts on their approach to securing an operating system? That is, a program that is run post install and hardens the operating system based on how secure the user wants to be.

    Keep up the great work.

    --
    ideal; model tiny; codeseg; org 100h; start: cli; hlt; ret; ENDS; END start
  150. Unifying the base? by keepper · · Score: 4

    This probably has been commented on a lot, and there are more issues than just pure technical ones for this not having happened before. But is there any thought on your part of possibly more code sharing between the BSDs?

    Maybe even creating an "architecture council" in which the core of each project would have a say on features that should/can/may be implemented on both kernel and userland?

    This would not have to be a "you must do this" kinda thing, but rather an amicable forum to discuss new ideas and share implementations?

    So what's your thought on this? Doable, a possibility, or have I been smoking too much crack?

    ;)
  151. Re:Time warp (more specific) by rho · · Score: 2

    I guess I could be more specific

    As a wise AC posted below, let's say I have a product in mind that uses OBSD as a base. However, in order to make the product more powerful, I needed the OBSD kernel to move from user-space threads to kernel threads.

    If I offered the OBSD team $50K to move the kernel to that model, would they do it?

    A more egregious example: in order to make my Whizzo Superdevice sell, I need OBSD to integrate a proprietary security algorithm within the kernel structure (for God-knows what reason -- it's a hypothetical, worst-case example). The kernel needs to support it, but the algorithm can't be distributed with the normal distribution. Would the OBSD team merge it into CVS (assuming I'm just a guy with a great idea but no coding "skillz")?

    It would be a tough call for me, I know. I'm not terribly idealistic, and the $$$s might sway me -- I was wondering if Theo is immune or not.

    --
    Potato chips are a by-yourself food.
  152. Re:Security Improvements... by jcs · · Score: 2
    Project goals.

    It's the first link on the page. Why was this moderated so high?

  153. Everybody order Theo a pizza! by db · · Score: 1

    I think Theo deserves several pizzas for his devout work on this project and all the time, money, and effort put into it. I wonder if it's possible to cause a Slashdot Effect on a local Calgary pizza joint? :)

    For those of you who don't subscribe to the OpenBSD mailing lists, Theo always ends up telling people what they need to know, despite a sharp comment from time to time which keeps it interesting :) I feel that from my exposure to OpenBSD and its community, it's overall a very helpful and proactive group of people.

    Everybody give Theo some thanks if you get the chance.


    --
    Dave Brooks (db@amorphous.org)
    http://www.amorphous.org

  154. Embedded/Floppy Based OpenBSD by trog · · Score: 2

    Stallion Technologies offers embedded OpenBSD-based appliances, but there is little to no information regarding the building of such a device. It seems to me that OpenBSD would be great as a floppy-based firewall, and I can think of many other uses for a small-footprint/embedded version of OpenBSD. Does OpenBSD have any plans for providing concise documentation on the building of such a system? Barring this, does the OpenBSD project have any plans to document how the OS can be installed on a single floppy disk?

  155. OpenBSD, security, et al. by jd · · Score: 5
    With the release of SGI's B1 code, and the attempts by many U*ixen to secure their contents via capabilities, ACLs, etc., ad nauseam, how is OpenBSD approaching the issue of resource control?

    On a side note, is OpenBSD likely to ever head in the direction of being a distributed kernel? And, if so, how would security and resource management be maintained? (It's hard enough on a central kernel system.)

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  156. No Architecture by _iris · · Score: 1

    It would be extremely nice if the BSDs shared more code, for various reasons. However, I am entirely opposed to a shared architecture.

    If the BSDs shared a common architecture, they would become endlessly similar. It would, in effect, form a development model much closer to that of GNU/Linux's, where each different operating system is really no more than a different distribution of the same operating system.

    Not so much of a codebase, but a library of easily reusable, architecture (OS, not system) independent code which each BSD had the option of using would be great. This would be a great start towards the ever-wanted unified ports tree.

    However, this should really be an open effort, with a wider system of determining its contents than that of a council. Perhaps CGI-based voting for CVS commits/(sub)tree merging?

    The only question is if the OpenBSD guys could audit the library as fast as the FreeBSD guys could develop it; If the NetBSD guys could port it as fast as the FreeBSD guys could develop it; if the FreeBSD guys could write it portable enough for the NetBSD guys to use it, and so on.

    Disclaimer: This opinion applies to operating systems other than the BSDs. Free, Open, Commercial, Public Domain, "I Like Linux Because my Dick is too Small", whatever. (Also applies userspace code).

  157. Some questions by incitepv · · Score: 1

    A few questions. There have been some accusations that the OpenBSD team hides exploits so that OpenBSD can keep an untainted record. I agree with your idea when auditing code that you don't really test for exploits. But that might mean, regarding the statement "Three years without a remote hole in the default install!", that an exploit might have been steamrolled by the OpenBSD process. What is your take on that?

    Second, what are your thoughts on SecureBSD and their concept that everything should report what is going on? (Such as being able to track what files have been opened, or what has been executed.)

    Third, since you are a rock climber, what rating (on any popular climb rating system) are you comfortable at?

  158. Forks and cooperation by PapaZit · · Score: 5

    A lot of people know that OpenBSD forked from NetBSD, and there's still some animosity between the two groups. Personally, I think that the competition has helped both groups (NetBSD now ships with far fewer open services, for example).

    Egos are delicate things, but do you see any chance for greater cooperation in the future, or do you see more forking and division as inevitable?

    --
    Forward, retransmit, or republish anything I say here. Just don't misquote me.
  159. Do you see OpenBSD in the trailing position? by mr · · Score: 2

    Given the desire to audit code before it makes it into OpenBSD, and the limited number of people who find joy in code audits, do you feel that OpenBSD will eventually end up so far behind as to be eventually considered a historic footmark, like 386BSD?

    Do you feel that others' opinion of you hurts the progress of the OpenBSD project? (If honey attracts flies {bugs}, does your vinegar nature keep the bugs away?)

    --
    If it was said on slashdot, it MUST be true!
  160. Security Improvements... by Cmdr.+Marille · · Score: 4

    What do you think will be the major security improvements/features (kernel/base system) that are going to be added to OpenBSD?
    Where is there still room for a lot of improvement? Also, what are the goals of the OpenBSD project besides default security?

    --
    "Mommy, mommy! The garbage man is here!" "Well, tell him we don't want any!" -- Groucho Marx