OpenBSD 6.3 Released (marc.info)

← Back to Stories (view on slashdot.org)

OpenBSD 6.3 Released (marc.info)

Posted by msmash on Monday April 2, 2018 @08:00AM from the out-now dept.

OpenBSD announced on Monday that v6.3 update, which was slated to be released on April 15, is ready for download. From the announcement post: This is our 44th release. We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install. As in our previous releases, 6.3 provides significant improvements, including new features, in nearly all areas of the system. You can read about the changes and improvements here.

77 comments

Min score:

Reason:

Sort:

Nice. by Anonymous Coward · 2018-04-02 08:06 · Score: -1

BSD > Linux.
two holes by Anonymous Coward · 2018-04-02 08:07 · Score: -1

in an install with zero packages that can do nothing but ssh
yay?
1. Re:two holes by Anonymous Coward · 2018-04-02 08:11 · Score: -1
  
  You need not worry. All of the additional packages you are installing are open source which is looked at by so many eyes that it won't have any nasty bugs in it. /s
2. Re:two holes by Anonymous Coward · 2018-04-02 08:13 · Score: 1
  
  The base system has the C compiler and related tools, X11 with three window manglers (twm, cwm, and fvwm), xterm, and two text editors (vi and mg (for the emacs fans)). It has is own SSH, SMTP, and HTTP daemons, though these must be configured and enabled. You can do more than you think with a base install.
3. Re: two holes by Brockmire · 2018-04-02 10:47 · Score: 4, Funny
  
  They seem to be pretty proud of being able to keep two remote bugs for 20 years. One would think they'd fix them instead of boasting about them for so long. I mean, other OS's probably have more for longer to brag about.
4. Re: two holes by Anonymous Coward · 2018-04-02 12:45 · Score: 0
  
  lame and unfunny.
5. Re: two holes by Anonymous Coward · 2018-04-02 12:47 · Score: 0
  
  Sure thing, Theo.
"..with only two remote holes..." by Anonymous Coward · 2018-04-02 08:07 · Score: 0

That they know of.
I'm waiting until Netcraft confirms this. by Anonymous Coward · 2018-04-02 08:08 · Score: 0

I'm pretty sure that *BSD is dying. I read that somewhere.
1. Re:I'm waiting until Netcraft confirms this. by Anonymous Coward · 2018-04-02 08:25 · Score: 0
  
  Ugh...you beat me to it. That's what I get for browsing at 1+.
Two Assholes by Anonymous Coward · 2018-04-02 08:13 · Score: -1

OpenBSD is only used by two assholes anyway so it doesn't really matter.
1. Re:Two Assholes by Anonymous Coward · 2018-04-02 09:52 · Score: 0
  
  So they’ve doubled the assholes using it? Who besides Theo?
2. Re:Two Assholes by grub · 2018-04-02 12:11 · Score: 3, Funny
  
  I've used it since the late 90's. I'm sure there are more assholes than Theo and I using it.
  
  --
  Trolling is a art,
3. Re:Two Assholes by Anonymous Coward · 2018-04-02 21:43 · Score: 0
  
  https://www.youtube.com/watch?v=sen8Tn8CBA4
4. Re:Two Assholes by ruir · 2018-04-03 03:43 · Score: 1
  
  Another asshole here.
OpenBSD is extremely underrated by Anonymous Coward · 2018-04-02 08:14 · Score: 5, Interesting

Among all the current Unix-like operating systems out there, OpenBSD remains the most true to the traditional Unix philosophy. Their level of commitment to code quality and good documentation is, frankly, foreign to the Linux world these days. They've done a huge amount of excellent work over the years and if their philosophy sounds interesting to you, I urge you to check it out and donate.
Should have waited an hour... by K.+S.+Kyosuke · 2018-04-02 08:14 · Score: 0

An hour ago, I randomly checked whether there was a new version. It was still at 6.2. Well, I guess such coincidence is bound to happen to someone anyway... Even to one of the three OpenBSD users out there. ;)

--
Ezekiel 23:20
1. Re:Should have waited an hour... by grub · 2018-04-02 12:16 · Score: 1
  
  Could you please check HBO's site to see if season 2 of Westworld is out yet? It's scheduled for April 22.
  
  --
  Trolling is a art,
Which BSD? by Anonymous Coward · 2018-04-02 08:15 · Score: -1

Dear BSD experts,
I'm writing some software for Linux. I wouldn't mind to port to any of the BSD flavors (why so many?), but I'm not sure which.
Which one(s) seems to have the most promising future?
Are BSD calls very different from Linux? Since Linux is so far ahead technologically and in market share, I think the BSDs should take all their cues from Linux to help portability. For example, I know they didn't implement systemd yet even though Linux people already went through all this pain to migrate. As a result, BSDs have a lot of technological debt at the moment. I don't want to have to port twice...
Thanks for your helpful advice!
1. Re:Which BSD? by Anonymous Coward · 2018-04-02 08:23 · Score: 1
  
  POSIX, motherfucker! Are you compatible?!
2. Re:Which BSD? by darkain · 2018-04-02 08:25 · Score: 1
  
  Much like the Linux world which is almost entirely based on two derivatives (Debian and Redhat), the BSD world is mostly the same, the two primary derivatives are FreeBSD and OpenBSD. FreeBSD has by far and away the largest user base of the two, and the most commercial support backing it as well.
3. Re:Which BSD? by Anonymous Coward · 2018-04-02 08:31 · Score: 1
  
  systemd... nice troll!
4. Re:Which BSD? by Noryungi · 2018-04-02 09:22 · Score: 1
  
  Don't forget NetBSD, which is also a very good BSD.
  
  --
  The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
5. Re:Which BSD? by Anonymous Coward · 2018-04-02 09:34 · Score: 0, Troll
  
  FWIW, the init part of systemd is fucking fantastic once people get their heads out of their asses. The rest of systemd is pretty mediocre, but then so is a lot of the software it's attempting to replace. A lot of the anti-systemd crowd is nothing more than greybeards bitching about change.
6. Re:Which BSD? by jon3k · 2018-04-02 10:15 · Score: 1
  
  The second most popular distro on distrowatch.com is Manjaro, which is based on Arch. A challenger appears!
7. Re:Which BSD? by darkain · 2018-04-02 10:44 · Score: 1
  
  According to their info Manjaro is based on Arch Linux, which is probably the 3rd most popular branch of Linux right now.
8. Re:Which BSD? by HiThere · 2018-04-02 11:07 · Score: 1
  
  It depends on your use case. For me systemD has no benefits, though, admittedly, few drawbacks as an init system. Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
9. Re:Which BSD? by Billly+Gates · 2018-04-02 11:37 · Score: 1
  
  If I r00t your b0x the last thing I am going to do is leave evidence in /var/logs.
  Binary logs are a feature for this reason
  
  --
  http://saveie6.com/
10. Re:Which BSD? by AHuxley · 2018-04-02 12:06 · Score: 1
  
  Are all BSDs created equally?
  https://media.ccc.de/v/34c3-89...
  Has some code review, fuzzing, runtime testing on all 3 major BSD distributions.
  
  --
  Domestic spying is now "Benign Information Gathering"
11. Re: Which BSD? by ISayWeOnlyToBePolite · 2018-04-02 18:32 · Score: 1
  
  Afaik systemd only provides binary logs, but also afaik redhat, debian and derivatives also installs rsyslog in the default install providing text logs. Curious to know what distro you've come across that has binary logs only?
12. Re:Which BSD? by Noryungi · 2018-04-02 19:26 · Score: 1
  
  Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
  It's not that "difficult" to remove systemd: a lot of Linux distributions do that, like Slackware, Devuan, and Gentoo, just to name the biggest three.
  And, yes, binary logs suck, and systemd developpers are a bunch of whiny little bitches, with no understanding or appreciation for UNIX philosophy and history (hence, the appeal of the BSDs, where things are closer to what they used to be).
  At this stage, honestly, I'd like to have solid numbers on, say, the number of times Debian has been downloaded vs Devuan, for instance, but I suspect the vast majority of today's sysadmins blindly go with whatever Red Hat/CentOS decides, because, hey, it's Red Hat, and no one has ever been fired for buying that crap. Hence the appeal, for a minority, of the BSDs.
  
  --
  The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
13. Re:Which BSD? by Anonymous Coward · 2018-04-03 00:30 · Score: 0
  
  Absolutely! No one will ever be able to find any evidence you were on anything... until they look in /var/log/.
14. Re:Which BSD? by ruir · 2018-04-03 03:48 · Score: 1
  
  I would not use distro downloads as an indicator of systemd being used. I have been using my farm of Debian Linux servers in Debian 8 and 9 *without* systemd.
15. Re:Which BSD? by Joey+Vegetables · 2018-04-03 04:32 · Score: 1
  
  There are multiple Gentoo and Slackware derivatives as well. I've used and loved Gentoo for over a decade now. AFAIK, systemd is optional on both (though I don't think Gnome will run properly without it).
  
  --
  
  Nonaggression works!
16. Re:Which BSD? by pnutjam · 2018-04-03 05:52 · Score: 1
  
  No love for Suse?
  
  --
  Cheap storage VM.
17. Re:Which BSD? by Noryungi · 2018-04-03 05:59 · Score: 1
  
  ... Except, of course, that if you are "root" on *any* box, systemd or not, you will be able to delete any logs you'd like, binary of plain text (journald anyone?).
  So what was your point again? Ah, yes, displaying your total ignorance. Mission Accomplished!
  
  --
  The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
18. Re: Which BSD? by HiThere · 2018-04-03 08:34 · Score: 1
  
  The last time I checked there was a package that was supposed to produce text logs in addition to the binary logs, but it was broken. Not in all cases, but often enough. And the bug had been there for long enough to get marked "won't fix". I haven't followed the matter since then, however....
  That "won't fix" rather soured me on the entire systemD approach. Since it provides me with absolutely no benefits, it didn't take much in the way of defects to cause me to wish it would just go away. (And there were a few other defects in the early days, but they eventually fixed those, or at least I stopped noticing them.)
  But as far as I am concerned systemD is an overly complex "solution" the something that wasn't a problem to me. It's ancillary modules, however, have repeatedly been annoying, and occasionally caused severe problems. That I worked around them hasn't made me think highly of systemD, because it has absolutely no benefits to me.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
19. Re: Which BSD? by ISayWeOnlyToBePolite · 2018-04-03 12:27 · Score: 1
  
  Systemd does not produce text logs, and that would be a wontfix as they seemingly consider it a feature. Rsyslog is not part of systemd, produces textlogs and is installed by default in every distribution that I know of.
20. Re: Which BSD? by HiThere · 2018-04-03 14:01 · Score: 1
  
  That may well be the reason, but it doesn't make me think any more highly of them.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
21. Re:Which BSD? by Anonymous Coward · 2018-04-04 04:37 · Score: 0
  
  Ignorance. Deleting it will show I hacked it. Editing the text file to hide my tracks won't.
  Solaris has dumped text files as well years ago for this reason. Encrypted binary files are the only way to check
Small nit, but by 93+Escort+Wagon · 2018-04-02 08:16 · Score: 4, Informative

Why does the submission link to someone’s “congratulations” email response instead of the original email announcement... or the web posting about the release itself?
https://www.openbsd.org/63.htm...

--
#DeleteChrome
1. Re:Small nit, but by Anonymous Coward · 2018-04-02 09:55 · Score: 0
  
  "someone"... "Theo de Raadt"...
2. Re:Small nit, but by 93+Escort+Wagon · 2018-04-02 10:00 · Score: 1
  
  Nope - the link is to an email reply some guy sent to Theo.
  
  --
  #DeleteChrome
3. Re:Small nit, but by Anonymous Coward · 2018-04-02 12:13 · Score: 0
  
  The whole thing being top-posted to boot. msmash, thy depravity knows no bounds.
Most secure operating system ? by Anonymous Coward · 2018-04-02 08:17 · Score: 0

What would currently be considered to be the most secure operating system and why ?
BTW, I am looking for actual answers and not a flame war. Thanks.
1. Re:Most secure operating system ? by Anonymous Coward · 2018-04-02 08:31 · Score: -1
  
  TempleOS - because fuck you nigga
2. Re:Most secure operating system ? by Anonymous Coward · 2018-04-02 08:48 · Score: 0
  
  1) Trusted Solaris
  2) OpenBSD
  3) Dragonfly BSD
  Those are the only 3 OSes worth considering from a security standpoint.
3. Re:Most secure operating system ? by HiThere · 2018-04-02 11:14 · Score: 1
  
  Well, MSWindows 95A was pretty secure if you didn't insert any corrupted disks locally.
  Outside of that I think that OpenBSD is generally considered the most secure. Of course, if you want it to be really secure you write protect the system partition after you install it. (This generally means, in Linux, that you need to create a bunch of hard links from your system partition to another partition that you allow writes to, so that, e.g., the /tmp directory can be written to. I'm not sure anymore what the BSD equivalent to that is. It's been too many decades since I used it. (I was the system operator/administrator/IT department for an Altos i386 Unix box running some sort of BSD Unix...but that was in the days when the i386 was new.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
4. Re:Most secure operating system ? by bsDaemon · 2018-04-02 11:37 · Score: 1
  
  Trusted Solaris isn't so much secure as it was Common Criteria evaluated. Security is also not Dragonfly BSD's focus, so I am curious as to why it would be mentioned. OpenBSD is, of course, an option, and if security is a primary concern, it is a perfectly good choice. I would also suggest HardenedBSD, if you would like to have the features (ZFS, DTrace, Jails) of FreeBSD coupled with security improvements based on the PaX/GRSecurity design.
  NetBSD also has PaX-style memory hardening, btw. OpenBSD's userland W^X works quite differently (and will make programs abort at mmap time, rather than mapping a page as write-only and dying if it is written to).
5. Re:Most secure operating system ? by Noryungi · 2018-04-02 19:42 · Score: 0
  
  The best answer I have ever had to this question was:
  "If you want to keep something secret, never EVER put it on a computer, ESPECIALLY a computer connected to a network (any kind of network). If you want to keep something secret, put it in writing on a piece of paper, and keep the paper inside a safe".
  The older I get, the more I realize the wisdom of these words. Let's face it, a "generalist" operating system will always be exposed and vulnerable to something or other. This being said, there are "secure" operating systems but most of these are either experimental/academic or extremely expensive.
  This is the appeal of OpenBSD: these guys offer, by default, a reasonably secure operating system, with many protections and hardenings built-in. And these are real-life hardenings vs real-life exploits and attacks. All the things that OpenBSD does, Linux can do as well, but none of the protections offered by OpenBSD in a standard installation are activated by default on most Linux distributions.
  Install OpenBSD, get a hardened, reasonably secure system. Install Linux, get something that requires hours of work to secure. Is OpenBSD perfect? No. Is it more secure "out of the box" than Linux? Yes.
  
  --
  The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
6. Re:Most secure operating system ? by Anonymous Coward · 2018-04-03 00:41 · Score: 0
  
  z/OS with RACF
7. Re:Most secure operating system ? by fisted · 2018-04-03 18:35 · Score: 1
  
  Of course, if you want it to be really secure you write protect the system partition after you install it. (This generally means, in Linux, that you need to create a bunch of hard links from your system partition to another partition that you allow writes to, so that, e.g., the /tmp directory can be written to. I'm not sure anymore what the BSD equivalent to that is.
  It's called different mount points. And on Linux, I doubt the super user cannot just remount the partition read-write again (don't know about OpenBSD, but NetBSD prevents this with the securelevel concept)
  Hard links won't help you in any way.
  
  --
  CLI paste? paste.pr0.tips!
But APKs work doesn't run on it by Anonymous Coward · 2018-04-02 08:17 · Score: 1

This is all fine and good but APK's hosts file engine doesn't run on it so it can't ever be secure.
1. Re:But APKs work doesn't run on it by Anonymous Coward · 2018-04-02 08:36 · Score: 0
  
  Be quiet before you wake him up. I would consider the fact that his crap doesn't run on it to be a positive.
Theo de Raadt sucks dicks!!! LOLOLOLOLOL! by Anonymous Coward · 2018-04-02 08:20 · Score: 0, Troll

Yep like OpenSSL which turned out to be well-audited and highly-secure code. The many eyes were doing a great job keeping all the bugs out of that project! LAWLZ!!
I'll believe it by Anonymous Coward · 2018-04-02 08:21 · Score: 0

when Netcraft confirms it!
OpenBSD ... making the internet safe for Linux by perpenso · 2018-04-02 08:27 · Score: 5, Insightful

two holes in an install with zero packages that can do nothing but ssh yay?
Actually a common use for OpenBSD is a firewall and/or router. Built-in packages accomplish these and other infrastructure roles. Thus making the internet a safer place to tread for Linux boxes with whatever is the fad-of-the-moment development stack. ;-)
1. Re:OpenBSD ... making the internet safe for Linux by Anonymous Coward · 2018-04-02 08:39 · Score: 0
  
  This.
  Only an idiot exposes a Linux box directly to the Internet.
2. Re:OpenBSD ... making the internet safe for Linux by Anonymous Coward · 2018-04-02 08:57 · Score: -1
  
  You expose your gnarled tootsie roll dick to kids at the playground.
3. Re:OpenBSD ... making the internet safe for Linux by avgapon · 2018-04-03 08:30 · Score: 0
  
  Is it really that common? Most firewalls I've seen run either custom Linux or a specialized OS. Very few run any BSD.
No BSD is dying post? by SocietyoftheFist · 2018-04-02 09:57 · Score: 0

In my day there would be several by now. Iâ(TM)m so dismayed.
1. Re:No BSD is dying post? by Anonymous Coward · 2018-04-02 10:36 · Score: 0
  
  You know it's dead when the "*BSD is dying" trolls can't even be bothered.
2. Re: No BSD is dying post? by SocietyoftheFist · 2018-04-02 12:08 · Score: 1
  
  Good point.
3. Re:No BSD is dying post? by Anne+Thwacks · 2018-04-02 20:47 · Score: 1
  
  It has been overtaken by "Windows is dying" posts.
  
  --
  Sent from my ASR33 using ASCII
4. Re:No BSD is dying post? by SocietyoftheFist · 2018-04-03 03:51 · Score: 1
  
  This was modded down? No sense of humor these modern /.'s
5. Re:No BSD is dying post? by Anonymous Coward · 2018-04-04 23:34 · Score: 0
  
  > You know it's dead when the "*BSD is dying" trolls can't even be bothered.
  That's when you know /. is dead.
  Fuck Beta.
OpenBSD limited to one core only by Anonymous Coward · 2018-04-02 10:09 · Score: 0

Can OpenBSD use more than one core at a time? As far a I know it can't do MP.
Or maybe it's like the dog that can walk on it's hind legs; it isn't that the dog does it well, but that the dog does it at all.
1. Re:OpenBSD limited to one core only by HiThere · 2018-04-02 11:22 · Score: 1
  
  If you read the release notes you'd notice that this release talks about improved multi-core support. So they must already have it.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
2. Re:OpenBSD limited to one core only by grub · 2018-04-02 12:25 · Score: 1
  
  OpenBSD has had MP for many years.
  
  --
  Trolling is a art,
3. Re:OpenBSD limited to one core only by Anonymous Coward · 2018-04-02 12:50 · Score: 0
  
  A really shitty version, yes.
4. Re:OpenBSD limited to one core only by Anonymous Coward · 2018-04-02 12:52 · Score: 0
  
  You just woke up after 20 years of coma! Surprise ?!
5. Re:OpenBSD limited to one core only by Anonymous Coward · 2018-04-02 14:01 · Score: 1
  
  OpenBSD uses a very primitive form of multicore support called "cooperative multiprocessing" as opposed to modern multiprocessing known as "preemptive" multi-processing. OpenBSDs multitasking is simiilar to what was available on the old Mac 68K machines. The problem with OpenBSD's method is that one misbehaved application can hog all the resources and cause OpenBSD to crash.
  Phoronix.com did a comparison of all the BSD and Linux variants and OpenBSD came in last. FreeBSD did marginally better. Although nowhere near as capable as the Linux kernels, the Dragonflybsd put in a very strong showing, beating all the other BSD variants. These days OpenBSD is pretty much a curiosity without a strong Internet presence.
  We all can attest to Netcraft's skill in analyzing the operating system landscape. The Netcraft September 2017 Survey is quite frank about the dismal state of BSD. The only mention of any BSD is FreeBSD which they say has fallen to barely registering on real world networks. And everyone knows how far, far behind OpenBSD is from FreeBSD. I
6. Re:OpenBSD limited to one core only by Anonymous Coward · 2018-04-02 22:28 · Score: 0
  
  ...These days OpenBSD is pretty much a curiosity without a strong Internet presence.
  You know one of the easiest ways to stay secure in the world today? By being nothing more than a curiosity without a strong Internet presence.
  Being the most popular these days always has the downside of painting a rather large target on your back. Personally I see OpenBSDs popularity (or lack thereof) as rather fitting, and they've never existed to win a popularity contest, so that metric is rather pointless.
Remove the ethernet drivers by OrangeTide · 2018-04-02 13:47 · Score: 1

You're running ssh? Do you not care about security?!

--
“Common sense is not so common.” — Voltaire
Portability for idiots by Anonymous Coward · 2018-04-02 13:54 · Score: 0

You could write everything in Java. Would be time better spent instead of trolling.
This. by Anonymous Coward · 2018-04-03 03:21 · Score: 0

The best way is to write your software on a *BSD. Just pick one. Use the Single Unix Specification as your bible. After that, port your software to linux. That's much easier than the other way around, and now you have software that compiles and works on both. It's not difficult, if you get yourself the right tools. Like, oh, decent manpages and the actual specification, as opposed to "grepping the include files". Half a clue goes a long way here.
pace of development too by avgapon · 2018-04-03 08:26 · Score: 0

> OpenBSD remains the most true to the traditional Unix philosophy And to the traditional Unix pace of development. Despite having much fewer committees.