Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD 4.1 Released

Posted by kdawson on from the hot-bits dept.

adstro writes to quote from the BSD mailing list: "We are pleased to announce the official release of OpenBSD 4.1. This is our 21st release on CD-ROM (and 22nd via FTP). We remain proud of OpenBSD's record of ten years with only two remote holes in the default install. As in our previous releases, 4.1 provides significant improvements, including new features, in nearly all areas of the system."

5 of 218 comments (clear)

  1. Just curious... by darnok · · Score: 5, Interesting

    My OpenBSD firewall box is several years old now (version 3.x), just keeps working and probably will until the 8yo hardware finally dies. Although I'm interested in the features in 4.1, and congratulate the developers on what'll doubtless be another good release, ultimately I'll probably stick with my existing setup. I *love* OpenBSD, for precisely one reason; it does what it's supposed to, and in my experience it *never* fails. However, I'm very unlikely to upgrade to any new version; why change something that works perfectly?

    For those of you using OpenBSD, how many of you are in a similar situation?

    1. Re:Just curious... by Noryungi · · Score: 3, Interesting

      In other words, if you don't upgrade unless/until a new remote root exploit is found, you still have to worry about local users rooting your box (and don't forget that there typically are users like "www" etc. even when no actual person besides you has an account on the box; not a big problem for a firewall, most likely, but servers in general aren't automatically safe), and you still have to worry about remote priviledge escalation, remote denials of service and the like, too.

      True, but you should also read about PrivSep, W^X, security levels, systrace and other important security mechanisms that mitigates those risks (while not entirely eliminating them). All of these (and more) make a well-configured OpenBSD machine a very tough nut to crack. So to speak.


      To me, the best thing about OpenBSD is not that it is perfectly secure (that can't be achieved) but that security is taken seriously and all this mechanisms are activated by default. The excellent documentation, especially manual pages vs the GNU unreadable info pages mess, and reactive developper community are also big pluses in my book.


      --
      The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  2. Downloads by dleigh · · Score: 4, Interesting

    Why not a link to the .iso download page in the article?
    (Yes, that was annoyed sarcasm). I'd rather donate to the project and download an image than get one shipped, I can't believe OpenBSD is still refusing to provide Official ISOs.

  3. OpenBSD 4.1 Release Song by Anonymous Coward · · Score: 5, Interesting

    You mustn't exclude the OpenBSD 4.1 Release song from this article!

    http://www.openbsd.org/lyrics.html
    ftp://ftp.openbsd.org/pub/OpenBSD/songs/song41.mp3

  4. Re:Yea, but... by TheRaven64 · · Score: 4, Interesting

    Sysjail has a nice feature, where you can run everything inside the jail via a foreign system call framework. This means you can set up a sysjail on OpenBSD containing a complete Linux-compiled userland, and users can access it without ever being aware that it's not Linux unless they try to load a kernel module (or use a system call that isn't emulated).

    --
    I am TheRaven on Soylent News