Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD 2.6 released

Posted by Nik on from the 'evening-all dept.

Lots of you wrote in with this -- we've been holding back at Theo's request until the CDs were available, but OpenBSD 2.6 is now released and available from the FTP sites, or by ordering CDs. There are lots of technical enhancements to this release (which are detailed below), and if they don't grab you, check out the very cool CD cover art.

The complete list of changes to 2.6 is too long to list here. However, some of the highlights are:

  • Add ssh (OpenSSH) to the base system
  • Reliability patches for the PowerPC port
  • Improved support for ext2fs
  • Perl 5.005_03 in the base system
  • Support Joliet filesystems
  • More security fixes
  • USB support
  • Fixes to the ATAPI support
  • Speed up the install process
  • Many manual page updates

and much more.

3 of 228 comments (clear)

  1. The significance of this... by Matt+Bridges · · Score: 5

    As OpenBSD has been a lesser-known OS for a while, I am writing this post to tell any newcomers what it is all about. While to many this may seem like just another software release, anyone who has watched cryptography and security in general and OpenBSD in particular knows that this will have major significance throughout the industry. It may not be immediately apparant, or even obvious, but it will be important for the follwing reasons: 1. With the recent anti-cryptography crackdowns by the US government (see the article below this one on the investigation of William Simpson), having a complete system of VERY strong cryptography coming from outside our national borders, such as OpenBSD, will significantly weaken our government's efforts to stop cryptography. 2. OpenBSD is apparantly the only major OS that truly follows the saying, "Security is a process, not a product." Personally (and I know there will be much debate on this, possibly even flames), I believe that everyone from the Linux contributors to Sun (makers of Solaris) to, of course, Microsoft, could learn from the example of the OpenBSD team. For those of you unfamiliar with OpenBSD, here are a few examples of how the emphasis in this OS is almost entirely on security: A. Line-by-line security audit of *everything* that goes on the CD. B. Strong cryptography is built in on the most basic system level. C. All aspects of the default setup have undergone rigorous security testing. OpenBSD is, to the best of my knowledge, the only OS that can legitimately claim to be secure right out of the box. All of these factors combined have set a standard that the rest of the industry has yet to meet. Eventually, security will be seen as something not to be expected, but demanded in a product, and the OpenBSD philosophy will serve as a model for this shift. 3. Because many security flaws (such as potential buffer overflows) can cause security-unrelated crashes, the line-by-line audit also resulted in remarkable stability beyond just the security. I think we can all think of a certain software company that could learn from this example. 4. The overall view of the OpenBSD team that security as not just something that happens over time and numerous patches, but rather something to get right the first time, must be adopted by the rest of the industry as soon as possible. Anything less will hold back the advance of the Internet unacceptably. I hope that this has helped some newcomers to the OpenBSD world understand the underlying philosophy of this wonderful OS.

  2. Quick answers by Anonymous Coward · · Score: 5
    1.Is OpenBSD more secure in some fundamental way that a well maintained Linux distribution?

    Without a doubt. Use RedHat as an example - out of the box, it is shamefully exposed.

    It is perfectly reasonable to assume that a linux distribution could be made as secure as OpenBSD, if the effort was made

    2.Is OpenBSD more stable than a well maintained Linux distribution?

    Generally speaking, both are considered stable enough to not make it a significant issue, although the increased competition in the linux distro market will force more frequent releases and less testing. Look at the flack Debian is catching for their slower release schedule.

    3.Will the OpenSource software we normally need (firewall, Apache, PHP4, Perl, Python) and so on probably compile on OpenBSD?

    Of course. There is no question that the packages you mention will work well on OpenBSD. Some of the packages you mention are developed on a BSD variant.

    4.Does OpenBSD have something like clustering support (Beowulf) and failover?

    No.

    5.Is the performance of a well maintained OpenBSD system better than a well maintained Linux distribution?

    This really depends on what you are doing. For network performance, I put my chips on BSD. For other system functionality (disk throughput, etc.), linux may be better. It really depends on the type of application.

    6.Does Linux have anything like the one time use password system?

    No.

    7.Does OpenBSD support multiple CPU's

    The BSD's are making some inroads with SMP, but linux is out ahead.

  3. Re:OpenBSD and Linux - compare? by ninjaz · · Score: 5
    These systems will be running the server software they need, and X11 + (Gnome||KDE) for administration and so on.
    I think X/(Gnome|KDE) a bad idea on a network server regardless of the operating system. My reasons for thinking it's a bad idea are:
    • video hardware (& its drivers) tends to be one of the touchiest areas of a system, best avoided if you're not using it as a workstation,
    • You're wasting resources that could be used for serving on your X environment (especially with some of those new-fangled screensavers ;)
    • It's better to understand configuring the system the *right* way - via the command-line tools and configuration files. That way, you can keep multiple versions in case something goes wrong and you need to back out a change.
    Now, with that out of the way..
    Is OpenBSD more secure in some fundamental way that a well maintained Linux distribution?
    The audits of source code would seem to imply that. If you'd like some data on the subject, visit the vulnerabilities section of http://www.securityfocus.com/ Have it show you the vulnerabilities of OpenBSD and of a few Linux distros so you can compare. Of course, unless you're allowing shell accounts, the external (network) security of either mostly depends on what daemons you're running and how they're configured.
    Is OpenBSD more stable than a well maintained Linux distribution?
    Both a well-maintained Linux server and a well-maintained OpenBSD server should be stable. There may be less scheduled downtime with OpenBSD if there's a kernel-related security issue in Linux, but in my experience with OpenBSD, NetBSD, FreeBSD, Linux and Solaris, all of them have been stable (current standard uptimes here around 6 months).
    Will the OpenSource software we normally need (firewall, Apache, PHP4, Perl, Python) and so on probably compile on OpenBSD?
    Yes, and /usr/ports/ is there in case a change does need to be made to something for it to compile (i.e., the patches are automatically applied when you type make
    Does OpenBSD support multiple CPU's better then Linux?
    No, it doesn't support them at all. If you want multi-cpu support with a *BSD, try FreeBSD.

    One thing that BSD is currently very helpful with on the x86 architecture is large file support. The Linux limit is 2gb, so your MySQL databases are limited to that size.