Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The insecurity of OpenBSD

Anonymous Coward writes | more than 4 years ago

Security 5

An anonymous reader writes "I just came across this article while reading about the latest Windows exploit, and many people being glad they used OpenBSD. It seems that while everybody considers OpenBSD to be the most secure OS around, it is anything but. With the lack of access controls, developers refusing to acknowledge security vulnerabilities and specious claims, it seems that the title of most secure OS is ill fitting. The article makes many good points, and I think it would be good to hear the OpenBSD communities side of the story."

cancel ×

5 comments

Sorry! There are no comments related to the filter you selected.

Rubbish! (1)

1s44c (552956) | more than 4 years ago | (#30844738)

The author has a bee in his bonnet about 'extended access controls' and his criticism could be equally leveled at any UNIX system. OpenBSD has been totally free of kernel level exploits unlike Linux, no access controls are going to help with them. OpenBSD has a very long and very secure history because it's written with correctness and consistency in mind.

SElinux is horrible and I would not wish it or anything like it on the BSD's.

This whole story is just a distraction from the real point that windows is grossly insecure no matter what you do with it. Both Linux and the *BSD's are secure unless the admin does some pretty messed up stuff to them.

Wrong from the beginning (1)

ThePhilips (752041) | more than 4 years ago | (#30844896)

Generally, this would be taken to mean an operating system that was designed with security in mind, and provides various methods and tools to implement security polices and limits on the system.

Uhm... Another brain damaged Windows admin who wants "Group Policy" for *nix?

Group policies even on Windows are nothing more than a masquerade used by idiotic admins to pretend they "secured the OS."

In past I was also stumbled at the argument that "*nix sucks because it has nothing like group policies". Later on I have learned (as a system developer) that it is nearly impossible to implement policies properly without horrendous performance impact - and as a user I have learned how easy it is to bypass many of the Windows' group policies.

This definition cannot be applied to OpenBSD as OpenBSD was not designed with security in mind and provides no real way to lock down and limit a system above standard UNIX permissions, which are insufficient.

That is not security [wikipedia.org] - that is access control [wikipedia.org] as poster comments himself later.

Jails or similar could be used to create most of it.

It should also be noted that the OpenBSD team uses a different definition of security vulnerability, limited to vulnerabilities that are allow for remote arbitrary code to execute.

OMG. OpenBSD never hid the fact that they target as primary deployment platform network servers and routers. Even me, a Linux fan, knows that.

In the end, article is rather boring and repeats too much of stuff everybody already knows - instead of clearly stating requirements the developers can look at.

tl;dr

Re:Wrong from the beginning (0)

Anonymous Coward | more than 4 years ago | (#30848800)

You're arguing a strawman.

The posters argument has nothing to do with group policy or windows, but with extended access controls.

His definition of a secure operating system is not extensive, but is basically correct. OpenVMS/OS/400 etc, most secure operating systems all meet that criteria. Only OpenBSD is special in thinking no vulnerabilities in the base system is equivalent to being a secure system.

The article also highlight some of the poor security practices the team has made.

Re:Wrong from the beginning (1)

ThePhilips (752041) | more than 4 years ago | (#30850322)

You're arguing a strawman.

Open the dictionary and look up what security is.

Redefining words doesn't help anybody.

And I haven't really made any argument. My point was more like that without a clear proposal targeted at OpenBSD developers original article is nothing more than a cheap shot at publicity.

Re:Wrong from the beginning (0)

Anonymous Coward | more than 4 years ago | (#30855230)

The developers have repeatedly shown no interest in adopting MAC. Drafting such a plan for the developers would be a waste of time.

The piece is an opinion piece which makes a strong argument and gets its point across. If you want to look at it through biased eyes then do so, but there is no need to misrepresent the argument made.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?