Slashdot Mirror
OpenBSD 4.5 Released
portscan writes "OpenBSD 4.5 has been released. New and extended platforms include sparc64, and added device drivers. OpenSSH 5.2 is included, plus a number of tweaks, bugfixes, and enhancements. See the announcement page for a full list. OpenBSD is a security-oriented UNIX/BSD operating system." As per OpenBSD tradition, of course there's a song.
Oh BSD for server farms,
For blinking rows of lights.
For late night coke and deli runs
In those bitter winter nights!
NetBSD! FreeBSD!
Dick shakes his fists at thee
And hates much more the fact that you're
As dead as dead can be!
Title says it all: http://www.sun.com/software/solaris/get.jsp
#include <sig.h>
NetBSD 5 yesterday, OpenBSD 4.5 today and a three day weekend ahead.
*fap*
Stop Computers/Cars Analogies on S
It's a spectrum, and not all OSes are good for all applications. I for one am glad that there are people taking security seriously in an OS. Maybe it's hard to use for the average user, but in server and embedded environments, it excels.
You can also bet that other *nixes (especially other BSD flavors) take hints on how to secure themselves from OpenBSD.
Use whatever OS suits your needs best, just don't try to bring other distros down for not following your vision.
I don't think that there are many people out there that would claim that OpenBSD is comfortable to use and would make a good desktop system.
But it has its small niche market and lives there happily. Additionally we all benefit from this project one way or the other (OpenSSH, etc.)
It's a bit similar to Minix: interesting and certainly helpful in its own way. But nothing for everyday usage.
Actually, they do provide a patch branch of the core release for 1 year post release, they just don't provide any application updates during that time. What they advise against is running a stable branch for the core OS, and running a current ports (don't cross the streams - that would be bad?).
Is this to the tune of 'O Caaaanada'?
I don't think that there are many people out there that would claim that OpenBSD is comfortable to use and would make a good desktop system.
You might be surprised. OpenBSD has good ACPI support now, has DRI in 4.5 (had it in 4.4 but it wasn't enabled by default). Sound support is good, and 4.5 introduces a simple sound daemon for userspace mixing. ARM support has also improved a lot recently, so it makes a good choice for handhelds.
I am TheRaven on Soylent News
It's totally unlike MINIX. MINIX is a hobby OS that only works and has perfect security in the author's mind. OpenBSD is used in production where security matters and on real hardware.
I am willing to claim that OpenBSD is more than comfortable for its intended use in routers and servers.
OpenBSD doesn't use GUI config tools, and complex package managers, but that is because they are not needed. It is simple and elegant like that.
It has some rough edges like the lack of utf-8 support in the base system and utilities but it isn't bad as a Desktop OS either, most desktop applications don't use libc for their encoding support anyways.
My home server and my laptop both run OpenBSD and I don't miss your real OSes at all. After all whatever I cannot do easily in OpenBSD Linux does through binary blobs and proprietary software. At that point I could be as well running Windows 7.
10 little-endian boys went out to dine, a big-endian carp ate one, and then there were -246.
A version of KDE that no longer gets any love from upstream; old Firefox, old Thunderbird. Hopefully there are security updates for the latter two and that someone is giving some TLC to the former.
I would beg to differ. The package management is just as good if not better than what's available in Linuxland, so there's no great difficulty in setting it up as a good desktop system.
Having excellent support for many non-x86 platforms, as well as having a small footprint make it a great choice for older hardware. I currently have it installed on on my old UltraSparc and Alpha workstations.
OpenBSD contributes more than just OpenSSH to other OS'es. Aside from pushing hardware manufacturers to open up their documentation, they've also reverse engineered drivers that have made their way into the other BSD's and even Linux (remember the whole Atheros? issue last year). Whereas many Linux distributions and the other BSD's have made compromises with proprietary drivers and binary blobs, OpenBSD still pushes for true open source.
PF and CARP also make OpenBSD a superior router platform to any IPTables based setup any day. You may be surprised how popular it is in the data centre.
Unlike Minix, OpenBSD's niche has a place in real world usage.
http://astutehosting.com/
isn't UNIX a standard?
"It's a Unix system ! I know this !"
Squirrel!
You might be able to. OpenBSD can run Linux binaries, although may not support some recent system calls. If you're using ext2/3 then OpenBSD should be able to mount it correctly. I don't think anyone's done this as a drop-in job, and I can't imagine many people wanting to (a large part of the attraction of OpenBSD is the clean and consistent, well-documented, userland. Replacing this with the cobbled-together userland from Ubuntu would not be an improvement). You can, however, install most of the software you would run on Ubuntu on OpenBSD.
I am TheRaven on Soylent News
A version of KDE that no longer gets any love from upstream; old Firefox, old Thunderbird. Hopefully there are security updates for the latter two and that someone is giving some TLC to the former.
OpenBSD is on a 6-month development release, and remember the auditing and code-screening that goes into each release. Patches for these "optional" packages (OBSD default install primary use is a stripped down server environment) can be updated immediately. Just like any other installer, there WILL be updates available, even on day 1.
Is the lack of RBAC and MAC, or any decent non discretionary access controls.
Solaris has RBAC, Linux has RSBAC and SELinux. OpenBSD staunchly refuses to add anything similar, and no, a system call interceptor does not count.
It's all well and good to have quality code and aim to get rid of vulnerabilities at the core, but a really secure system would be able to protect from attack, in the event it did happen.
As it stands, a system with SELinux or RSBAC is far, far more secure than OpenBSD, because of this fact.
If you ignore ACs because they are anonymous - you're an idiot.
"The one area where OpenBSD is let down on the security front is the packages/ports"
"The ports & packages collection does NOT go through the thorough security audit that the OpenBSD base system does. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security"
davecb5620@gmail.com
Who cares if your browser is jailed? Someone who owns your browser also owns your online banking, stock trading, webmail... you get the picture.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Another thing: Theo may be a dick
I have to say that I've never had problems with him or the other OpenBSD maintainers. I'm not part of their "in crowd" by any measure, but everyone's been decent to me when I've had problems or questions.
Bad approach: I can't do $foo. How do I do it?
Good approach: I RTFM about how to do $foo, but step 5 gives different results for me than the man page says it should. What should I try next?
They're busy people, and when I've been respectful of their time, they've been respectful of mine.
Dewey, what part of this looks like authorities should be involved?