[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: what's your Debian uptime?

> > OpenBSD has only had something like two holes in over a decade which is
> > nice for uptime.  
> Two holes in the default install, which is a very different thing to two
> holes in the entire distribution.

It is but you can see the erratas for the whole base system at
openbsd.org/errata.html and they are few. There will of course be many
unfound bugs but anything included in base receives a good audit before
inclusion and some parts a constant one.

The default install obviously includes the kernel so I think two
exploits in over a decade, one of which was in the over engineered
shall we say ipv6 that I have disabled (good practice on OpenBSD too) is
very impressive especially when Linus states that there are so many
updates every day that bugs are certainly getting in every day. Of
course there are benefits to that but it's not security.

If I ever run a Linux server for some certain functionality I will
certainly apply the grsecurity patch. OpenBSD and linux with the grsec
patch have security features that FreeBSD doesn't, even more so on
older hardware.


'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

Reply to: