Slashdot Mirror
Vulnerabilities in FreeBSD
flynn_nrg writes: "O'Reilly has an interesting article about vulnerabilities in common programs found on most FreeBSD boxes. From the article: "Welcome to Security Alerts, an overview of recent Unix and open source
security advisories. In this column, we look at buffer overflows in
OpenSSH, Squid, Listar/Ecartis, slrnpull, and IRIX's syslogd; problems
in Sudo, MHonArc, and Mosix; and a local root hole and denial-of-service
attack vulnerability in FreeBSD.""
only 2?
:).
Heck, I'm waiting for my Service pack 3 for win2k to apply the 14 pages of hotfix and security patch automatically to my newer systems without having to reload the windowsupdate/rebooting 3 times (explorer 5.5sp2, reboot, security roolup jan 2002, reboot and finally the critical, and that doesn't include post-sp2 hotfixes that aren't "critical").
No wonder I am considering FreeBSD for my email server, yeah it'll need maintenance and security, yes I hate the overhead and everything is so much simpler in windows, that I have to give it to microsoft, but GOD, I don't want to reboot a zillion time after applying patches every week, heck, I don't want to apply patches every week
--- Metamoderating abusive downgraders since my 300th post.
So what?, I hear you say. Linux is stable and secure. Wrong again. The Lion worm proved that Linux is not as secure as one might believe. The fact that VMs get changed in the middle of a stable release branch (2.4.x) shows bad organization.
It took Linux years to overcome its awful filesystem problems, and now journalling filesystems are available. But speedwise, compared to the FreeBSD FFS, they are slow and cumbersome, and have yet to prove as reliable. FFS Softlinks are a few generations ahead of any journalling filesystem on the market.
FreeBSD is far better organized, the ports and packages collections are better synced and more reliable, the system is more stable and easier to understand. The firewall included with FreeBSD has been proven and has a far better track record than ipchains or iptables, the latter having security problems in its first week or release, the former having no stately inspection and being a complete mess due to its shell-script bound layout.
But Linux has more software than FreeBSD!, scream the Linux die-hards. What they fail to realize is that 99% of Linux software runs under FreeBSD. I haven't encountered a Linux program that didn't run under FreeBSD. Sure, I've heard reports by trolls that certain software doesn't work, but all the software I've tried works, in fact, even faster than the native Linux versions in most cases. To the VMWare troll: Yes, VMWare does work under FreeBSD.
FreeBSD vs Linux is a debate that won't ever be settled, but people who have used both generally prefer FreeBSD for mission-critical tasks. Those who claim that FreeBSD performs worse than Linux either haven't used FreeBSD or are trolls.
I won't say that FreeBSD is the best Unix variant on the market, but the best open source Unix variant? Yes. Solaris is still tops, but in terms of Free (Open Source) systems, FreeBSD is probably the best all-rounder. NetBSD, OpenBSD and Linux all have their respective places, but overall, FreeBSD will probably take over most of the open source server market, at least in organizations with serious management.
Then how come I know of people who are ditching freebsd for linux because of the lack of easy patching? The BSD license is one of the reasons Microsoft is were it is today and I won't run any OS that helps M$.