Even if it were a good idea to get to `security thru obscurity' (and it isn't), the most important thing here is that the bind people want to make some money out of it.
It is weird, the last time I checked, bind was free (and reasonably free, like with no weird installation clauses a la djb like tinydns and friends).
Wow, this reminds me of something... let me think. Yes, they are trying to pull an X consortium on us, aren't they?
I mean, you start with a free bind, then you discuss crucial steps of development on a private list (the `membership waived for free projects' is such a blatant suck-up move I don't believe anyone will fall for that), and pretty soon, you end up with something similar to the initial license to X11R6.4.
Well, it is way past time to build some new DNS tools that work and are truly free anyways...
Well, GNUStep is probably running much better since 2.8, now that Objective-C is completely functional again...
We have someone who said he was working on a GNUStep port. Joining efforts would be cool.
E-Mail me privately about this.
Actually, some ports are more secure than they used to be. They don't quite receive the same amount of attention that the source tree does, but a large number of porters are somewhat security-conscious.
We do follow security resources routinely, so that we won't miss out on important bug fixes.
We do take a conservative stance on security issues. Ports with problems are instantly marked as broken, until we know better.
We systematically fix a number of known security issues.
We do keep auditing logs public, in pkg/SECURITY.
Not all ports have received that treatment. It doesn't matter for some of them. We do try to avoid simple problems, and to audit important ports more thoroughly.
As has been stated again and again in this discussion, the OpenBSD team is rather small. We're always looking for talented, dedicated people to do more porting work.
When I say dedicated, I mean it. We've had hundreds of people who said they were going to help us, but did not do anything at all in the long term. OpenBSD is pretty much a doers' operation. Want to join? Just start improving the code.
Use the source tree. Remember that this is an Open project, the CVS tree is readable for anyone.
A fairly large subset of the tree is actually recorded properly in the CVS repository. You can see the differences between the vendor version and what's in the OpenBSD current tree.
Also note that OpenBSD has a six-month gap between releases, which does not match the release schedule of most other software that ships with it. Which is a large reason why you will find divergence between what's in the tree and what's in the latest stable version of that software.
Whenever it's practical, we do send changes back to the original software authors.
Nice Troll... OpenBSD is running perl 5.006, not 5.005_03.