Slashdot Mirror
OpenBSD 3.2 Available
fredrikv writes "Right on time, the files defining OpenBSD 3.2 have moved away from "snapshots" to the 3.2 directory of the OpenBSD mirrors. It is well known as the world's most secure operating system and now sports chroot'd Apache, fewer suid binaries, cool pictures for xdm-logins, a brilliant "antispoof" packet filtering rule and as usual includes lots of small updates and fixes. The files are there. What are you waiting for?"
Download the sources. Burn on a CD. There you go.
IF oyu want it bootable, that's also fairly easy to pull off as well. Just have it boot to the floppy image.
Otherwise, buy a CD.. we need the money.
-- clvrmnky
Short Answer:
.
OpenBSD has less 'nice' functionality, slightly less performance tuning, and no SMP support.
On the other hand it has an extremely well-audited source tree (by largely the same developers as OpenSSH), SoftUpdates, the new systrace work, an excellent brand new packetfilter that has yet to fail to impress from either a security or speed standpoint . .
OpenBSD isn't really so much the most secure OS in the world as it is in many situations the most secure OS on the x86. For most of us around here, that's probably close enough as makes no odds.
The last release (in a bug that affected the prior release as well) had an OpenSSH issue in the default installation that became the first remote compromise for the default installation in nearly 5 years of the operating system. Admittedly, most things are turned off by default (although I wish a few more - portmap, inetd). Because of this and a few other errata, 3.2 has been looked forward to for a long time.
To sum, you have a stripped-down no-nonsense OS with all of the unnecessary crap tossed out of the default installation and available as ports and packages to those that want it. The perfect OS for those who want a secure router, and/or single/few-function server. This isn't an appropriate choice if you need more than a commandline, really, and there's a fair amount of pride amongst the user community over that.
Depends who you talk to ;)
A good place to start is here, to find out what the intentions of the OBSD project are. Then check out the OpenBSD Journal to see what people do with it.
My two cents: OBSD really shines as a secure inet server. Things like httpd, sshd, firewalling, bridging, routing. People do use it as a desktop, but IMHO it is not as desktop-friendly as FreeBSD. *shrug* I run it basically headless, as does everyone I know.
Then again, a cutting-edge desktop system is not a primary concern of the OBSD project.
-- clvrmnky
Well, this is a hardship only because you want to dual-boot, I'm guessing. Otherwise, you just partition and mount so that / is on the first 8Gb slice.
There are third-party boot managers that do magic to allow booting to happen from almost anywhere, for almost any OS. I don't know if it works with OBSD or not.
I've only run OBSD stand-alone on headless edge boxes, so I've never worried my pretty little head about the 8Gb limit. I'm assuming most folks who pay for the CDs every 6 months or so feel the same way. Well, that and the stickers. The stickers rule.
-- clvrmnky
... couldn't make it through the 'Lameness filter'.
Please go to http://deadly.org where they did make it through.
Todd Fries
There's little reason for SMP in openbsd
/tmp race conditions are bad ? How about race conditions in the kernel ? How about the fact that not even Intel is consistent in their docs on how two x86 chips re-order operations and maintain cache coherence in some situations.
1) It makes security that much harder. Think
2) 99% of the software on openBSD is fork/exec anyway. You might as well use assymmetric multi-processing, or, better yet, buy 3 uni-proc boxes for the price of a dual proc box, and partition your load accordingly.
My opinions are my own, and do not necessarily represent those of my employer.