OpenBSD 4.1 Released 218
adstro writes to quote from the BSD mailing list: "We are pleased to announce the official release of OpenBSD 4.1. This is our 21st release on CD-ROM (and 22nd via FTP). We remain proud of OpenBSD's record of ten years with only two remote holes in the default install. As in our previous releases, 4.1 provides significant improvements, including new features, in nearly all areas of the system."
Re:Downloads (Score:3, Insightful)
Keeping in mind who we're dealing with, though, I don't see it changing any time soon.
Re:Just curious... (Score:5, Insightful)
I am quite happy with linux right now. But I know that the day I will run a critical application/server, I will either use openBSD or maybe a stable debian but not a recent linux.
Re:Just curious... (Score:3, Insightful)
Because holes continue to be found in every version and because old versions do not receive fixes anymore. There's only been two remote holes, of course, but there's an emphasis on both "remote" *and* "holes" here - and also an emphasis on "root", which unfortunately isn't even included in the slogan.
In other words, if you don't upgrade unless/until a new remote root exploit is found, you still have to worry about local users rooting your box (and don't forget that there typically are users like "www" etc. even when no actual person besides you has an account on the box; not a big problem for a firewall, most likely, but servers in general aren't automatically safe), and you still have to worry about remote priviledge escalation, remote denials of service and the like, too.
That's not to say that OpenBSD is not a very secure system, but the slogan is somewhat misleading (it's marketing, after all!), and not keeping a system up to date with security patches is never a good idea.
Re:Downloads (Score:3, Insightful)
Why don't you download the floppy boot images, do a net install and save having to waste a CDR?
The reason official downloadable ISO images are not available is to encourage people to buy the prepackaged CDs. The revenue from these sales is a significant reason why OpenBSD continues to flourish, as people like Theo de Raadt have an income that allows them to work full time on the project. Hopefully this will prevent a monoculture of Linux on servers, which in some respects would be as bad as the monoculture of Windows on the desktop. Personally I don't need CDs, but if I was using OpenBSD (rather than a certain other BSD) then I would be doing net installs from a server on my own network, and making a donation.
Re:Just curious... (Score:5, Insightful)
Hmm, sorry, two what ? Two remotely exploitable holes in the default install, or two users running the default install ?
(For those not in the know: the default install has - drums rolling - ssh enabled. And SMTP on 127.0.0.1. That's it. Over. No http, no ftp, no pop, nothing else.)
Don't get me wrong, I'm a great OpenBSD fan and run it on my 3 production machines. Still, personally I consider that statement about the two holes more embarassing than impressive.
Re:Downloads (Score:3, Insightful)
1. --help? What the fuck is up with GNU and the ridiculous long options. Try reading the man pages which actually provide information on a BSD system as well as examples. By the way, every command, device, and config file has one on OpenBSD.
2. Korn shell is nearly a drop in replacement for bash and in some ways a damn sight nicer.
3. export PAGER=less. And you call yourself a command line user? For shame.
Re:No ISO policy (Score:5, Insightful)
This attitude pisses me off. If you were actually using OpenBSD, you'd be willing to fork over a few buck to get the disks. But you're not using it. The amount of time spent to produce such a high quality OS is worth the money in my book.
The other thing that pisses me off is that OpenBSD doesn't have a millionaire patron. But they do have Sun, Cisco, etc shipping their software (OpenSSH) withouth even bothering to contribute to the foundation. Kinda cheap, huh? Maybe that's why they charge for their install disks.
You clearly know nothing about OpenBSD.