Slashdot Log In
OpenBSD 4.1 Released
Posted by
kdawson
on Wed May 02, 2007 03:42 AM
from the hot-bits dept.
from the hot-bits dept.
adstro writes to quote from the BSD mailing list: "We are pleased to announce the official release of OpenBSD 4.1. This is our 21st release on CD-ROM (and 22nd via FTP). We remain proud of OpenBSD's record of ten years with only two remote holes in the default install. As in our previous releases, 4.1 provides significant improvements, including new features, in nearly all areas of the system."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Just curious... (Score:5, Interesting)
For those of you using OpenBSD, how many of you are in a similar situation?
Re: (Score:3, Insightful)
Because holes continue to be found in every version and because old versions do not receive fixes anymore. There's only been two remote holes, of course, but there's an emphasis on both "remote" *and* "holes" here - and also an emphasis on "root", which unfortunately isn't even included in the slogan.
In other words, if you don't upgrade unless/until a new remote root exploit is found, you still have to
Re:Just curious... (Score:4, Interesting)
True, but you should also read about PrivSep [umich.edu], W^X, security levels [openbsd.org], systrace [openbsd.org] and other important security mechanisms that mitigates those risks (while not entirely eliminating them). All of these (and more) make a well-configured OpenBSD machine a very tough nut to crack. So to speak.
To me, the best thing about OpenBSD is not that it is perfectly secure (that can't be achieved) but that security is taken seriously and all this mechanisms are activated by default. The excellent documentation, especially manual pages vs the GNU unreadable info pages mess, and reactive developper community are also big pluses in my book.
Parent
Re:Just curious... (Score:5, Insightful)
Hmm, sorry, two what ? Two remotely exploitable holes in the default install, or two users running the default install ?
(For those not in the know: the default install has - drums rolling - ssh enabled. And SMTP on 127.0.0.1. That's it. Over. No http, no ftp, no pop, nothing else.)
Don't get me wrong, I'm a great OpenBSD fan and run it on my 3 production machines. Still, personally I consider that statement about the two holes more embarassing than impressive.
Parent
Re: (Score:3, Interesting)
OpenBSD is great because maintenance is muc
Re:Just curious... (Score:5, Insightful)
I am quite happy with linux right now. But I know that the day I will run a critical application/server, I will either use openBSD or maybe a stable debian but not a recent linux.
Parent
Yea, but... (Score:4, Funny)
Re: (Score:3, Informative)
To which the stock answer is, yes OpenBSD does run Linux - Linunx binaries at any rate (linux_compat(8) [openbsd.org]). I don't know about OpenBSD, but on NetBSD this works very well. Before a native JDK 1.4.2 was available for NetBSD I ran the Linux binaries of it under emulation.
Re:Yea, but... (Score:5, Interesting)
Parent
2 remote holes in default install (Score:2, Funny)
Downloads (Score:4, Interesting)
(Yes, that was annoyed sarcasm). I'd rather donate to the project and download an image than get one shipped, I can't believe OpenBSD is still refusing to provide Official ISOs.
Re: (Score:3, Insightful)
Keeping in mind who we're dealing with, though, I don't see it changing any time soon.
Re:Downloads (Score:5, Informative)
Parent
Re:Downloads (Score:5, Informative)
for EVERYTHING? They're not "refusing" anything, the OpenBSD people
provide an easy manner to obtain and install OpenBSD via ftp.
For beginners, and for people who don't understand try looking here:
http://www.openbsd101.com/ [openbsd101.com]
The above site is Linux user friendly.
Parent
Re: (Score:3, Insightful)
1. --help? What the fuck is up with GNU and the ridiculous long options. Try reading the man pages which actually provide information on a BSD system as well as examples. By the way, every command, device, and config file has one on OpenBSD.
2. Korn shell is nearly a drop in replacement for bash and in some ways a damn sight nicer.
3. export PAGER=less. And you call yourself a command line user? F
Re: (Score:3, Interesting)
BSD is dead. As long as they have the antique command line tools.
Well Linux, and every other Unix like OS including Mac OS X, are dead then as they also include "antique" command line tools. In fact Windows must be dead as well, as it includes command line tools, albeit piss-poor ones.
Think whatever you want, but I cannot live w/o GNU command line. bash alone isn't sufficient - text-tools, file-tools are also important.
Last time I checked, the ksh that comes with the BSDs can do everything bash ca
Re:Downloads (Score:5, Informative)
For the same reason Linux kernels, and any other files aren't directly linked in
Just for you: ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.1/i386/c
Creating an ISO is positively trivial. The file system layout is exactly the same as the FTP tree. Just be sure to make it bootable with mkisofs -b, or whatever "bootable" check-box your Win32 CD burner program has...
Not to mention that there are dozens of different ways to install, and a bootable CD is rarely the most convenient. FTP install is quite handy.
It's only for non-x86 systems that creating bootable CDs is somewhat difficult. And even there, I'd much rather create my own multiple system CD than download an x86 ISO, an Alpha ISO, a Sparc ISO, and burn each to several different (mostly-empty) CDs.
Parent
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Why don't you download the floppy boot images, do a net install and save having to waste a CDR?
The reason official downloadable ISO images are not available is to encourage people to buy the prepackaged CDs. The revenue from these sales is a significant reason why OpenBSD continues to flourish, as people like Theo de Raadt have an income that allows them to work full time on the project. Hopefully this will prevent a monoculture of Linux on servers, which in some respects would be as bad as the monoculture
OpenBSD 4.1 Release Song (Score:5, Interesting)
http://www.openbsd.org/lyrics.html [openbsd.org]
ftp://ftp.openbsd.org/pub/OpenBSD/songs/song41.mp
But... (Score:5, Funny)
No ISO policy (Score:4, Informative)
"The OpenBSD project does not make the ISO images used to master the official CDs available for download. The reason is simply that we would like you to buy the CD sets to help fund ongoing OpenBSD development. The official OpenBSD CD-ROM layout is copyright Theo de Raadt. Theo does not permit people to redistribute images of the official OpenBSD CDs. As an incentive for people to buy the CD set, some extras are included in the package as well (artwork, stickers etc).
Note that only the CD layout is copyrighted, OpenBSD itself is free. Nothing precludes someone else from downloading OpenBSD and making their own CD. If for some reason you want to download a CD image, try searching the mailing list archives for possible sources. Of course, any OpenBSD ISO images available on the Internet either violate Theo de Raadt's copyright or are not official images. The source of an unofficial image may or may not be trustworthy; it is up to you to determine this for yourself."
Now, FTP installs are pretty slick in these days of prevalent high speed; still, it seems a bit silly and arbitrary to intentionally restrict ISO distribution, to try and sell a few discs. The people who are willing to pay, would buy regardless of a free ISO being available (corporations and IT departments like having the official discs, and such).
I guess more than anything, this policy stikes me as a bit of "attitude", which turns me off the distribution, more than the mild inconvenience of not having ISO's readily available.
Re:No ISO policy (Score:5, Informative)
Parent
Re:No ISO policy (Score:5, Insightful)
This attitude pisses me off. If you were actually using OpenBSD, you'd be willing to fork over a few buck to get the disks. But you're not using it. The amount of time spent to produce such a high quality OS is worth the money in my book.
The other thing that pisses me off is that OpenBSD doesn't have a millionaire patron. But they do have Sun, Cisco, etc shipping their software (OpenSSH) withouth even bothering to contribute to the foundation. Kinda cheap, huh? Maybe that's why they charge for their install disks.
You clearly know nothing about OpenBSD.
Parent
Re: (Score:2, Funny)
No idea, they make a nice SSH program though.