Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
BSD Operating Systems

Ask Theo de Raadt about OpenBSD 208

OpenBSD 2.8 was released today, so this seemed like a good time to ask project leader Theo de Raadt about OpenBSD -- or anything else. He's a rather colorful person; a pizza eater, kernel hacker, and devout rock climber, so even though this is a big day for OpenBSD you might want to discuss a few other things with Theo, too. We'll choose about 10 of the highest-moderated questions and e-mail them to him shortly after noon (US EST) tomorrow. His answers will appear next week.
This discussion has been archived. No new comments can be posted.

Ask Theo de Raadt about OpenBSD

Comments Filter:
  • I'd like to know, what does Theo think of Sun's
    trusted Solaris and if he is going to download
    the recently released Solaris source code.

    Another question: what tools do you use for
    hacking? Vim or Emacs? ctags and grep and what
    else? Can you share few tricks (like some Vi or
    Emacs commands)?

    /Alex
  • > Huh? You know what CVS is, isn't it ?

    Yes, I can find out what's been changed historically, if I *really* go looking. I have no way of knowing easily that:

    bash-2.04# perl -v

    This is perl, v5.6.0 built for sparc-openbsd

    was compiled from a different codebase than:

    bash-2.04# perl -v

    This is perl, v5.6.0 built for i386-linux

    My point is, if you change the source, change the version. That I can hunt something down in CVS is pretty meaningless if I don't know that I need to.

    --Dan
  • by laertes ( 4218 ) on Friday December 01, 2000 @07:16AM (#588189) Homepage

    I have only been using OpenBSD for a short while now, so forgive me if this question is based upon some incorrect assumtions.

    OpenBSD's kernel design seems to be of the monolithic species. OpenVMS (no relation) and NT are two prominent operating systems that use a microkernel archetecture. The microkernel design seems to me to be fundamentally more secure, since there is less priveledged code. Further, if one of the servers is compromised, the damage is minimezed.

    My question is this: Is the OpenBSD design fundamentally secure, or is it only a very well done implementation of a basically flawed design?

  • by EXTomar ( 78739 ) on Friday December 01, 2000 @07:16AM (#588190)
    Did the drive to audit code come from the need or the design of BSD? Or was it initially a whim? More imporantly, where did you learn it from? Is their some "mentor" you looked too for ridge design? I have to admire your team's daunting code reviewing...I wonder if I'll ever have that kind of meticulous coding nature.
  • Ermmmmmmm... American encryption laws are a moot point for a couple reasons... First, the laws don't exist anymore - they've given the okay on exports of encryption to all but the 6 or 7 countries we have embargo's against, and Theo + OpenBSD are based in Canada, making them immunte to USA's laws anyhow...
  • If Theo made the ISO images available, would you purchase an OpenBSD CD just to support him?

    You *can* do an ftp install or AFS install or even make your own CD. So its not like you *have* to pay to get it.

    The CD is $30.00 plus S/h, so buy it, get the CD set and have the warm fuzzy feeling of having contributed to the project in some way.

    Btw the T shirts kick ass too


    The number of the beast ...
  • the funny part is that openbsd.org is running of solaris :-/
  • What's your opinion of the TrustedBSD [trustedbsd.org] project? I know it's relatively green and AFAIK not much has been shipped off the assembly line other than some rough beginnings. But, that aside, do you think it's too ambitious (or not ambitious enough?) And if it ever does complete its goals do you think OpenBSD will utilize any code from it?
  • To add to the questions regaring SMP and Ultrasparc support, will there be any support for ADB based PCI Power Macs?
  • I downloaded and have been using OpenBSD for a couple of months now, and I'm definately impressed. If someone would explain the two pizza jokes I've seen here to me I feel as if my OpenBSD experience would be perfect...

    Anyway I guess My question would be this- Are you a beer drinker, Theo? If these guys are going to donate pizza, what type of beer would be appropriate and where would I have it shipped?
  • On the one hand, if Theo brought in $300K, "10,000 @$30" and didn't have any expenses, that would be pretty impressive funding.

    More realistically, the amounts get diminished in two obvious ways:

    • Theo needs to pay, up front, for the CD "burns." I'd expect that to be around $5/unit, which just ate $50K right there. :-(
    • Many of the CDs are not sold directly, but are rather resold. In which case it's likely something more like $15 that comes in to Theo.
    • Unsold inventory, anyone?

      What doesn't get sold transforms magically into "pieces of chad" that aren't being fought over by Floridan electoral officials, but which rather cost that $5, and result in zero input of cash.

    I'd be surprised if Theo's seeing as much as $100K of "positive" cash flow, all in all. If he's seeing more than that, bully for him; it's not as if he hasn't put in a lot of work that resulted in that.

    As for your suggestion that it would be slick to have a "charity" to handle the money, while part of me agrees, there's definitely room for duality here.

    What I would like to see is for people to take the action of Just Plain Giving Out Gifts to developers that they want to give money to. No "charitable contribution;" no "tax deduction."

    One might think that this is a losing proposition, as there's "no deduction." To the contrary, if there's that deduction, on your side, then the money must be treated as a taxable income on the part of those that receive it as income.

    It's worse than that; employment income involves deductions, which means that lots of the money gets eaten up by taxation.

    In contrast, if you give someone $50 a gift of your after-tax income, it may not be deductible in your hands, but should correspondingly not be taxable in their hands. If someone received $40K in nontaxable gifts, that might well be as good as receiving $60K in taxable income...

    Food for thought...

  • Are there any plans to make OpenBSD run on SMP systems using a big kernel lock for mutual exclusion? This would seem to be a reasonably simple and safe approach to SMP, if not the best performing one. The usefulness might seem limited but one possible application is an IDS box that sniffed network traffic in one process while handling analysis in other processes running on the other CPUs in user space.

    And focusing on OpenBSDs strengths, a second step to remove the BKL for the networking code could result in useful SMP for firewalling, VPN and IDS applications under SMP. Any plans or thoughts on minimal SMP support like this for OpenBSD?

  • by Anonymous Coward
    I don't think he meant "X" as in "please don't call it X-Windows", rather something along the lines of "say I wanted to implement feature 'FOO'".

    Please remember that the use of "X" to represent "Something" is deprecated, and has been replaced with the more featureful "FOO" :^)
  • Whistler/Blackcomb.

    I hear Fernie isn't too bad, either, if you don't want to drive too far from Alberta. Don't bother Theo with questions that could be answered by any Canadian.
  • that was the best post in the whole article!
  • Canada is the centre of development for OpenBSD. With the state of encryption, patent, and copyright laws in many places, do you think there are many other countries in which something like OpenBSD could have been developed?

    What legal trends do you see as particularly threatening to OpenBSD or similar projects?
  • personally - i'd love to see a secure ports tree...it'd make life a hell of a lot easier for us sysadmins :-)
  • I love it when people post shit like this as Anonymous Coward. Man, you wouldn't want to see what I would do to your anti-semitic ass if I knew who you were. Go hide behind your AC, asshole.

    love,

    Brian
  • Strippers. Lots and lots of strippers.
  • I'm Canadian and asking the question any Canadian could answer? Riddle me not that one!
  • by NTSwerver ( 92128 ) on Friday December 01, 2000 @07:18AM (#588207) Journal
    Theo, would you prefer anchovies or black olives on your pizza?

    ----------------------------
  • Speaking in terms of the revenue that can be generated from a free software project makes it quite evident that you do not understand the basic principles driving it. Where exactly did I say it had to be another Microsoft? Frankly, the entire Microsoft vs. non-Microsoft crap is just a bunch of gibberish that is thrown into any sort of software discussion simply because people are scared that it might be possible that Microsoft can be sidestepped by someone. The company I work for has sidestepped MS, and more are following.

    It's not that I hate MS, it's that I hate the idea that you are either for or against them. We use the best tool for each job we do. If we ever see a need for an MS based solution, it certainly won't destroy me to use it. Forget the entire "We don't want another MS" rant and realize that another choice to free software is not going to be another MS. I didn't say anywhere that I didn't want something modular. I wouldn't use it if it wasn't package based, or in some way easily managed. And I don't even see the possibility of a free software distro coming out without some form of package management in this day and age.

    Nothing personal against you, but it seems you failed to grasp what I was driving at.

  • by juuri ( 7678 ) on Friday December 01, 2000 @07:19AM (#588210) Homepage
    Hi Theo,

    Do you think your once overzealous (now calmed) ego is still hurting OpenBSD? Or has time calmed the fires?

    In the early days the open fighting between the NetBSD (we won't take changes until hell freezes over) and the OpenBSD (we are the best, you suck) camps was pretty unattractive, to say the least.
  • Have you heard of the KAME project? It's a project to develop an IPv6 subsystema for de *BSDs. And it has aparently been quite successful.
  • Troll or typo - you make the call. Either way, it is OpenBSD not FreeBSD.

    "That fat, dumb, and bald guy sure plays a mean hardball."
  • Sure, MS has to publish good books on writing solid code! After all, they leave it to application developers to write extra-solid code in an effort to make up for the platform's instability. Before you laugh, notice what an (unfortunately) successful model it's been for them. :-(
  • by Anonymous Coward
    This is not a troll. Some explanation as to why it is sensible to have three free bsds actually would be useful, since there is a lot of wasted effort somewhere.
  • Question about chroot:

    turns out from looking at the OpenBSD, suse, redhat man pages that chroot is only invokable as root.

    Now I know the idea of chroot is so that programs you do not necessarily trust can be run in a smaller box than that of the entire system and you can put only the necessary tools needed for it to run in this box.

    What I would like to do is take a program that I run chrooted and also have it run as a lower priviledge user (than root). I believe this to be a good idea.

    Programs like apache and bind have support for this.

    However there are quite a few programs that do not has support or understanding of "run_as_user or a "-u" flag etc.

    Since I can only launch chroot as root, the program I spawn is run as root, granted its in a chrooted shell, but I would like the program to run chrooted and be run as a low priv user. I certainly dont want to put something like su in the chrooted directory (and maybe even a shell) to have to make this run as another user.

    What is your take on this? Should there be something like a "-u user" flag to chroot?

    Why would this be a good/bad idea?
  • by maggard ( 5579 ) <michael@michaelmaggard.com> on Friday December 01, 2000 @07:19AM (#588217) Homepage Journal
    What's your take on Apple putting a BSD-layer in their forthcoming Mac OS X? What effect do you see this having on the BSD community & your own distribution in particular?
  • If you were offered an OC connection for FREE would you take it? I'd assume yes.
    1. Are there plans to have SMP kernels in OpenBSD (for those archs that support it, e.g. i386, alpha, sparc) ?
    2. Are there plans to support the UltraSPARC platform? I'd let the OpenBSD developers use ours, but it's kinda busy being a 24/7 file server under Slowaris :)


    Thus sprach DrQu+xum, SID=218745.
  • Xenophon:

    I'm actually pretty confident that OpenBSD tracks the changes they make, but those changes(I believe) are to the overall package that is OpenBSD, not to the individual files.

    You wrote:

    ===
    I don't think you understand how they package up their releases. It isn't like Red Hat or Debian, i.e. there are no individual packages like perl-5.003-666 or nethack-23-skiddoo.
    ===

    To which I reply:

    ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/s pa rc/

    That being said, it may very well be that anything that Theo directly touches is considered a critical component and is kept out of the "packages" tree. This would be somewhat surprising to me(given the amount of energy Theo et al puts into creating a "high quality package archive"), but wouldn't be unimaginable. However, it remains unclear what has been touched and what hasn't. Is that really Perl 5.6.0? What about Netcat 1.1.0? I can't even compare binaries; I have to diff source trees.

    Not too long ago, one security guru got taken to task *HARD* for assuming that the version of Debian he had downloaded possessed the same security holes as...uh, that version actually had. Except it was the Debian unmarked modified patched version, and he didn't know. He submitted a total mea culpa...but I'm just not sure he should have.

    This is actually the topic of a paper I've been considering writing, but I think it'd be much more interesting to hear what Theo has to say on the matter first.

    Yours Truly,

    Dan Kaminsky, CISSP
    Cisco Systems, Advanced Network Services
    http://www.doxpara.com

  • by Oztun ( 111934 ) on Friday December 01, 2000 @07:20AM (#588222)
    I've read both the FreeBSD and OpenBSD looking for facts to support what is the best choice and only found OpenBSD claims for good security. From talking to people who use the BSD's more than I do I've heard FreeBSD is faster than OpenBSD on average. I've heard that FreeBSD is faster for running user applications and OpenBSD has faster networking code. Is this true and does the 2.8 release change any this?
  • by yamla ( 136560 ) <chris@@@hypocrite...org> on Friday December 01, 2000 @07:21AM (#588223)
    Linux has FreeSco [freesco.com], a product that fits on a 3.5 inch floppy disk and acts as a router and NAT (Network Address Translation). I always thought something like this would be ideal for OpenBSD. After all, I would rather trust OpenBSD than Linux for this.

    Are there any plans to produce something like this? Something with a very simple user interface that is quick and easy to get set up? I'd love to play with OpenBSD and do it by hand but I simply do not have the time.

  • From crypt(3) (OpenBSD 2.6):

    The Blowfish version of crypt has 128 bits of salt in order to make
    building dictionaries of common passwords space consuming. The initial
    state of the Blowfish cipher is expanded using the salt and the password
    repeating the process a variable number of rounds, which is encoded in
    the password string. The maximum password length is 72. The final Blow-
    fish password entry is created by encrypting the string ``OrpheanBehold-
    erScryDoubt'' with the Blowfish state 64 times.

    There is no "blowfish key" to keep secret. The password and the random salt are the key. If there were some "secret key", it wouldn't stay a secret very long -- the passwd(1) source would have to contain it, and you'd get it straight from the CVS server (or the CVS snapshot on the CDs).

    A more interesting question, then, is whether it's possible to launch a known-plaintext attack to retrieve the key (and thus the password). The plaintext is in the man page that I quoted above, and the cyphertext is in the master password file. But I'm no cryptographer (I don't even pretend to be one), so I can't speculate on how feasible such a feat would be.

  • Why are there 25 free linuxes? Don't we only need one? And geez, what's with all of these operating systems in general? Wouldn't we be better off one, say Windows?

    The BSD's are projects just like any other... They're developed with different mindsets, different goals. And since it's under all the BSD license... the leaders from any of the other BSD's can pick and choose from anything any other *BSD has done. So effort doesn't need to be wasted unless one has a better solution in mind, in which case it's not wasted after all.

  • by The Pim ( 140414 ) on Friday December 01, 2000 @09:14AM (#588231)
    The microkernel design seems to me to be fundamentally more secure.

    Currently, very few vulnerabilities of mainstream (monolithic kernel) systems involve compromise of the kernel proper. I can't think of any off hand. Some involve DOS'ing the kernel (ping of death). Some involve tricking the kernel into sending bad data to someone else (eg, modprobe). I've heard of potential buffer overruns being fixed in Linux, but I've never heard of any being exploited. Perhaps it's because there are too many bugs to exploit above the kernel, or because it's too hard to develop and tests the exploits, or because kernel developers are just a careful breed; but making the kernel harder to take over doesn't seem to buy you much in practice.

    Even if you are worried about such attacks, it's not at all clear that a microkernel wins. A great benefit of a monolithic kernel is that the entire development project is more unified. Developers are more likely to be familiar with the whole codebase, aware of interrelationships and finding bugs throughout. This is why Linus insists on keeping megs of random drivers in the kernel distribution. If the parts of a microkernel are developed in more isolation, there are fewer eyes on the whole thing, and more chance of miscommunication. For example, the Linux/modprobe bug mentioned above could just as well have happened between two services in a microkernel-based system.
  • What is your opinion of the "capabilities" model of security, as implemented in Linux or in SecureOS [securecomputing.com], a BSD-variant used by Secure Computing's Sidewinder [sidewinder.com] firewall?

    Will OpenBSD ever support "role accounts" with the ability to perform very specific functions that would otherwise require superuser access?

  • First, I'd like to know what hardware the majority of OBSD users run. Is it a vast majority, or are people fairly evenly divided? Second, given the first part, what direction is OBSD headed? Are you going to keep the status-quo as long as that sufficient, are you going to work to put OBSD on larger-scale hardware, or will you try to scale it down like many are trying to do with Linux?

    I do not belong in the spam.redirect.de domain.

  • by iamsure ( 66666 ) on Friday December 01, 2000 @09:22AM (#588238) Homepage
    With the effort underway by www.openpackages.com, and with the correlating efforts on the linux side by Connectiva to making a apt-rpm bridge, do you think it would be a good thing, from a security, and OS level point of view, to have a single type of package.

    Does your team support the efforts towards a unified package structure?

    Further down the road, if one package structure does develop for *BSD, would you also support an effort towards a common package from *BSD to linux?

    Thanks for a great OS..
  • The silence on IA64 from the BSD crowd is deafening. Why is that? For server applications, it would seem like BSD would very plausible as a good choice if it were available.

    -dB

  • by AT ( 21754 ) on Friday December 01, 2000 @07:21AM (#588244)
    Any advise for code auditers? Can you share any tips or techniques you have found useful in uncovering bugs? What do you first look for in a fresh piece of code? What about a mature piece of code?
  • by Anonymous Coward on Friday December 01, 2000 @07:21AM (#588246)

    Boxers or briefs ?

    Elaborate.
  • by Stephen ( 20676 ) on Friday December 01, 2000 @07:22AM (#588249) Homepage
    How do you feel about the amount of publicity Linux has got in the press in the last couple of years, as opposed to the relatively low profile of the *BSDs?
  • Soooo ... where's the best place to ski/snowboard??
    :)
  • by dragonfly_blue ( 101697 ) on Friday December 01, 2000 @07:25AM (#588254) Homepage
    Although there has been some indication that people are interested in running OpenBSD on machines with dual or quad processors, it appears that there are not enough resources and volunteers available to make this a reality. Although I use OpenBSD for my web server, I am by no means an expert, at this, but I'm curious nonetheless.

    From what I've heard, multiprocessing support is going to be a very tricky thing to implement, because it gives rise to so many possible exploits, particularly with regards to race conditions. I also understand that it would take a remarkable amount of effort and time to rewrite much of the code base for SMP without compromising the OS's integrity.

    With that in mind, what kind of resources would you need before you could seriously consider attempting dual or quad processor support? And, if you were given unlimited access to those resources, how long would it take before a -stable release would be ready? I would really like to see this feature get implemented, although I know that at this point your developer team is busy enough as it is.

  • Thanks for OpenBSD, Theo. It runs my firewall.

    I love the cute new version of the blowfish logo! [openbsd.org] From the file name, it looks like she's called "Sushi".

    So my questions are (a) Who is the artist, and (b) When will there be a T-shirt with a picture of Sushi printed really big?


    Torrey Hoffman (Azog)
  • OpenVMS (no relation) and NT are two prominent operating systems that use a microkernel archetecture.

    NT's kernel isn't all that micro; network-layer and transport-layer protocols, file systems, and the drivers to which they talk live in kernel-mode code. Some of the Win32 environment is provided by a privileged user-mode server process, but this isn't one of those "almost all the real work is done in servers" microkernesl.

    VMS was, at least at one point, more microkernelish, as file systems were implemented in user-mode Ancillary Control Processes (or whatever ACP stood for); I have the impression that the file system code may have moved into kernel or executive mode, however.

  • The silence on IA64 from the BSD crowd is deafening.

    Low volume != silence. There is an IA64 FreeBSD port in progress [freebsd.org], although it's in its very early stages; I don't know whether the NetBSD folk are doing anything with IA64, but they've probably at least considered it.

  • How about looking at tools to allow insecure software to be used without compromising the integrity of the system? The effort to produce a secure OS base is largely wasted if adding new programs trashes the security. It's nice to have an OS like OpenBSD as the basis for high security bits like firewalls, but it's never going to get beyond a niche market if the security evaporates the moment that desktop/workstation applications are installed. What kinds of things is OpenBSD doing to help make it easier for developers to make secure applications?

  • In reality, side-effects usually cause errors to cascade through a microkernel. It's a nice theory, but not one that has ever been implemented in a workable way.

    (The kernels that -are- secure & stable are imposibly slow.)

  • I was wondering if you had any intention of making ISO images available for download any time soon. I personally think that part of Linux's appeal to the average person is the ability to easily burn a CD and give different distributions a try. Is the ISO thing just a money issue?

  • I am a great fan of OpenBSD, having supported the project through CDs, T-shirts, and cash donations. But what I would really like to donate to the OpenBSD project is pizza.

    Have you considered the technical feasibility and nutritious benefits of a pizza donation form on the openbsd.org site? Perhaps powered through partnership with a local pizza joint?

  • One of the criticisms i've heard of OpenBSD - merited or not - is that it faces the past, and concentrates more on fixing an existing model than on exploring new opportunities. Do you see OpenBSD sticking with its 4.4BSD baseline for the forseeable future, or would you consider moving towards a post-UNIX model like Plan 9? And speaking of Plan 9, what do you think of the Plan 9 License, http://cm.bell-labs.com/plan9dist/license.html
  • > What is your opinion of the "capabilities" model of security, as implemented in Linux

    Here's my opinion: Linux capabilities aren't. You want real capabilities, check out EROS [eros-os.org].

  • If donations to the theoretical non-profit where paid to Theo as income, then of course it would be taxed as income. On the other hand, the money could go into hardware, connectivity, or other 'buisiness' expenses paid by the non-profit. In this case, I suspect that it would still be tax free. I think that companies are generally taxed on profits, not revenue. I'd expect non-profits, if taxed at all, to be taxed in the same way.

    Also, I'm no tax lawyer, but I'd expect that total gift income (and certainly any inocome from CD sales) is taxable once the total amount is sufficiently large. If most of that money was going to support the project, there could be tax savings in creating an organization.

  • Heh!

    You're absolutely right, though. I completely forgot. Guess I need to brush up and do a "man foo".

  • Will there ever be binary patches for security bugs found in OpenBSD? It would be more convenient than recompiling every time, I wouldn't need the extra disk space and it would save some time.

    -jfedor
  • Microsoft have beaten them to it... some years ago they came out with this [amazon.co.uk]

    I use my copy that was bought by the PHB to raise the height of my monitor - and it's been stable for years. Ironic?.

  • by Effugas ( 2378 ) on Friday December 01, 2000 @08:01AM (#588289) Homepage
    Theo--

    First of all, I want to thank you for the hard work you've done building OpenBSD. It truly is a wonderful package.

    Much of the security in OpenBSD lies under the hood in the work you've done cleansing the source of unsafe library calls. While this work is appreciated, I've become more and more concerned lately about the fact that these changes are not necessarily documented and certainly not reflected in the version number of an application or utility.

    Version numbers reflect a snapshot in the life of a codebase. They're used to reference unsafe editions or particularly stable builds. Major number reflect code branches, but minor numbers reflect specific states of the code--such is the expectation of a user or an administrator when a version number is detected. Without granularity of versioning, I have no reason to trust or distrust a given application by its number; I must personally audit its source--and end up giving it a number of my own.

    You and your team are code auditing masters. Rather than pollute the namespace by making indistinguishable your securely built modified code and the original(and, by extension, your secure code and numerous unnamed distributions' "just get it to compile" modifications), wouldn't it be appropriate for OpenBSD to apply a name extension to any package which it has modified, and in the interests of full disclosure, to provide a reasonable CHANGELOG of the fixes contained therein?

    Yours Truly,

    Dan Kaminsky, CISSP
    DoxPara Research
    http://www.doxpara.com
  • So what's are your favorite local ride (within about 3 hours of home)? What's your favorite ride overall, anywhere? And the obvious required question from one biker to another- What's your best carnage story? :)

    Stay muddy,
    Jason
  • I wouldn't say that it has a clunky interface, exactly, or a higher learning curve. What it has is actually a very simple and elegant interface which encourages and assists you in learning in depth about your system very rapidly. Admittedly, my first free Unix-like system that I installed was Debian GNU/Linux (Specifically, "slink"), and I thought it was pretty easy to do, and people are always bitching about that, so YMMV.

    Regardless, I found the interface to be refreshingly simple, and it gave me a great deal of control over my system. I'm now completely addicted to OpenBSD. Sure, there are some things about Debian I miss, but there were things that I missed about Windows when I switched to Debian. And in both cases, I feel the benefits I get from the transition far outweigh the sacrifices I have to make.

    The ports system goes a long way to making things easier, much as apt does with Debian. So I can browse with a graphical browser, I can use KDE if I want, I can use Dia, the Gimp, and most other programs I find important for doing work. The main thing that needs to be done to make OpenBSD just about perfect for me as a Workstation OS is to have more supported audio programs, and part of that could just be ignorance on my part.

    Anyway, I've been using OpenBSD as my workstation OS for the past sixth months, and I've been very happy with it.

  • by MrSparkler ( 259864 ) on Friday December 01, 2000 @08:14AM (#588294)
    I've seen reports of estimated CD sales per release at being as high as 10000. Add in t-shirt/poster sales and donations and a relatively considerable sum of money is flowing around OpenBSD. Combine this with the fact that checks are to be written to Mr. de Raadt and I get curious as to how the finances are handled. Not that I'm suggesting any misappropriation is occurring, I would just like to know who is in charge of the money and whether or not the OpenBSD project is registered as a non-profit organization (and if it is then checks should be made out to - and the CD image should be copyrighted to - that organization). Also, I would like to see a small financial report put out (as would be required if it were a non-profit organization in Alberta) so that users can see where their money is going. Plus, I would also like know exactly how many CDs are sold per release.

    I greatly appreciate the work that the OpenBSD project developers have put in, and I plan on continuing to use, purchase, and donate to OpenBSD (and maybe even contribute when I get the technical skills) regardless of the answer to this question: Where exactly does the money go?
  • by Anonymous Coward
    Theo, Has any other development team approached you, asking you implement your model and technique of code auditing? Even Microsoft should be interested in it.

    Also, are there any plans to integrate Biometric hardware support into OpenBSD, to get rid of the human factor somewhat? Biometric capable OpenSSH would be a good start... Biometric capable login software...

    Thanks for your time,

    The Lerfted One
  • This was posted to the OpenBSD-Advocacy mailing list today, in response to the above:
    If there's any chance of arranging design and pre-order support for boxers before Theo posts responses, themed boxers for:


    'Blowfish'
    'Demon Inside'
    'Hardened'
    'Another Quality Package'
    'Unbelievable Uptime'
    'Yes, it's open.'
    This is not the first time OpenBSD boxers have been suggested, but it seems there are no companies that will silkscreen boxers.
  • Well, I must be one of the more insane OpenBSD users, since I believe that is the perfect OS for the laptop. My ability to use built in encryption with cfs and tcfs, makes it perfect for storing those company trade secrets, marketing data, sales info. Swap is encrypted as well. The atapiscsi CDR capability for ide is wonderful as well. My question is if you are going to continue to make OpenBSD laptop friendly? Thanks, Rob.
  • by spoonboy42 ( 146048 ) on Friday December 01, 2000 @12:38PM (#588301)
    OpenBSD is widely recognized, both inside and outside of the hacker community, as being an incredibly secure, stable, and robust operating system. Yet when the TrustedBSD project was recently founded to create a *BSD that would eventually be certified for use in the most sensitive areas of the US Government, FreeBSD was used as a starting point. Why do you believe this decision was made? What argument would you make for (or against) the use of OpenBSD in such a case?
  • Well, all of their code is in CVS. Every time one commits a change in CVS, it bumps the RCS version number. Also, if traffic on source-changes@openbsd.org is any indication, they are pretty good at logging what they do to their code, so maybe the answer to your question is effictively a grep of their CVS data.

    I don't think you understand how they package up their releases. It isn't like Red Hat or Debian, i.e. there are no individual packages like perl-5.003-666 or nethack-23-skiddoo. In CVS, one can have vendor releases that are imported as branches off the main line, to be integrated at some later date, so again this may become a matter of writing some kind of reporting system for their CVS tree.

    Does any of this make sense?


    Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
  • Can someone explain to me the reason for all these different flavors of ice cream? I like it better when there was chocolate. or vanilla. but this country's gone to hell in a handbasket since they invented strawberry.
  • by rho ( 6063 ) on Friday December 01, 2000 @07:38AM (#588315) Journal

    Thanks for your work, Theo. I use OBSD every day as a workstation and as a firewall, and the Cop-chasing-script-kiddie t-shirt is the best.

    If you could time warp back to the beginning of OpenBSD's development (ignoring the scism that brought you to that point), what would you do differently? Would you have chosen a more commercial focus? Pushed SMP development earlier? Run around in circles waving your hands in the air?

    On another note, what's your feeling about commercial use of OpenBSD? i.e., do you support it, tolerate it, or what? (better example, I make a set-top box running OpenBSD, and I need the OS to do "X". If I called you and said, "Theo, I need OpenBSD to support 'X'", would I be told to piss up a rope, write it myself, or would the OpenBSD team do it for a price?)

  • by swagr ( 244747 ) on Friday December 01, 2000 @07:39AM (#588316) Homepage
    What do you think about Bruce Schneier [counterpane.com] saying "Security is a process, not a product." Is OpenBSD a secure product?
  • I think its an issue of man power...
    The site quotes: "The ports & packages collection does NOT go through the thorough security audit that OpenBSD follows. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security.
  • (No pun intended of course)

    To what extent do you see OpenBSD using more graphical tools as part of the system and install? Newbies coming to Linux in the last year now have a range of handholding options that make security and other decisions on their behalf, often with little merit, along the lines of the 'let's keep it in line with the Windows-style experience'. Do you think OpenBSD should make any moves in this direction?

    Very much looking forward to ordering 2.8.
  • by RocketJeff ( 46275 ) on Friday December 01, 2000 @08:24AM (#588323) Homepage
    I hate replying to what is probably a flamebait, but...

    Writing Solid Code : Microsoft's Techniques for Developing Bug-Free C Programs by Steve Maguire is a good book on the subject. Ignoring the obvious anti-MS mindset of the original poster, this book has good techniques for any platform.

    One of the books I rate higher then this is Steve McConnell's "Code Complete," which is also from MS Press. Maybe MS doesn't read their own books - but a lot of the are great.

  • Except of course it's a Mach 3.0 kernel, etc. My question stands as-is.
  • by n3rd ( 111397 ) on Friday December 01, 2000 @07:05AM (#588328)
    Theo, what are your general thoughts on the other UNIX variants out there? Is Solaris too slow? Is IRIX waaay insecure?

    Also, which UNIXes do you enjoy working with (other than OpenBSD)?
  • Tools like these already exist to somewhat prevent total system compromise through the compromise of one application. chroot and jail() are good examples, although I am uncertain whether OpenBSD has jail() (FreeBSD does, so it wouldn't be too much of a stretch to say OpenBSD does...).
  • Personal bias aside (heh), what considerations should a person take into account when chosing between OpenBSD and another free operating system which shall remain nameless?
  • by shamino ( 146659 ) on Friday December 01, 2000 @07:10AM (#588343) Homepage
    What is your intention for OpenBSD in the computing world? Most knowledgable people wouldn't doubt it is a great operating system and that it fits very well providing network services (I for one use it as a firewall, NAT router), but it's clunky interface (and higher learning curve) is keeping from being a top notch workstation (a la FreeBSD, Linux). Do you have any plans to increase OpenBSD's usability as a workstation type operating system? --Shamino
  • I'm pretty sure that the core GNUstep developers would be interested in auditing their code for security. The question is how to educate third-parties on the auditing process. I'd be interested in knowing your thoughts on this.
  • by dirtyhippie ( 259852 ) on Friday December 01, 2000 @07:49AM (#588350) Homepage
    What are your thoughts on Brian Kernighan's paper [umsl.edu] "Reflections on Trusting Trust"? It almost makes a code audit seem hopeless, because not only does one have to audit all of the code one compiles to trust it, but also all of the code that generated that code (ie previous versions of your c compiler).

    Would it be possible to, say, make a very small, very simple (read: no optimizations) cc compiler written in assembly for each architecture, and compile gcc (or whatever our system compiler is) with this trivial compiler first? It seems to me that this would eliminate the problem of having to know whether the entire history of whatever code we were running was trojan-free or not. If this is in fact possible, is it something that you would be interested in having in OpenBSD? In any event, keep up the good work!

  • As someone who has used (and still uses) OpenBSD from time to time I have been extremely impressed with the security and the fact that it installs a "minimal" system that you can later build up.

    However, as a person that deals with new entries into the use of open-source/free software on a regular basis, I have often wondered about the possibility of an easy to use/install version of OpenBSD. I realize in the past that the OpenBSD team has sort of shrugged off the ease of use idea as un-important when compared to the security issues, and that is all well and good for the primary drive of OpenBSD. However, as a person that would like to see people become more security concious (or at least aware of security as an issue), and a person that would love to see common desktop systems become far more secure, I have often wondered about developing a solid desktop system on top of OpenBSD.

    My question is not whether or not you and the OpenBSD team would themselves do this. I believe you have addressed this in the past (with a resounding "not now"). But, I would be interested in whether you would support an effort to do this sort of project or not. If a group were established with the sole purpose of developing a desktop distribution based on OpenBSD (and auditing every line of the desktop applications as well as your current teams does the base system), would you look at that as a positive for OpenBSD, or a negative? Would you be willing to commicate with the individuals that would be attempting this, and occassionally help them out with coding issues if they asked? Or would you at least voice support for an effort such as this? Or would you flat out seperate "real" OpenBSD from any attempt to make it more "user friendly"?

    I would be very interested in your response.

  • by Logic ( 4864 ) <esm+slashdot@logic.net> on Friday December 01, 2000 @08:28AM (#588352) Homepage
    Given the proliferation of cheap (ala CheapBytes [cheapbytes.com]) and free (from zedz [zedz.net], for example) ISO images of OpenBSD CDs, and the far more "available" nature of your *BSD and Linux competition, do you believe that your copyright (and through it, the official OpenBSD policies you've created) on the layout of the OpenBSD CD still warranted? Why?
  • by Semaphore ( 177560 ) on Friday December 01, 2000 @08:32AM (#588359)
    Hi Theo,

    First, thanks for your work. I use OpenBSD every day for both workstations and servers. It's hard to beat.

    My question is: How did you get started with OS programming? I guess reading books(Such as The design and implementation of 4.4BSD by McKusick & Bostic) together with source is one way to start. But which path did you take and how would you recommend getting into the details, given a solid knowledge of C, application development etc is present?

    Good luck in the future!
  • by LizardKing ( 5245 ) on Friday December 01, 2000 @07:11AM (#588364)
    Would you and/or other members of the OpenBSD coders consider writing a book on secure, bug-free coding and auditing? Most programming books feature sample code that is written for pedagogical purposes. Quite often this runs contrary to how secure code should be written, leaving a gap in many a programmers knowledge. A book on audinting and how to avoid security pitfalls when coding would also make your life easier - less code to audit for OpenBSD, and more time top concentrate on nifty new features!!!


    Chris
  • by account_deleted ( 4530225 ) on Friday December 01, 2000 @07:11AM (#588365)
    Comment removed based on user account deletion
  • by neutrino ( 11215 ) on Friday December 01, 2000 @07:13AM (#588367)
    Theo,
    I also am an avid rock climber and I was wondering what level you climb at and what you feelis your biggest climbing accomplishment. Do you do big wall or any mountaineering, or do you just do sport climbing and bouldering?
    --neutrino
  • by Atreides_78723 ( 228515 ) on Friday December 01, 2000 @07:13AM (#588368)

    Assuming you are speaking with someone who somewhat unfamiliar with OpenBSD, what would you say sets it apart from other operating systems? Why would it be preferable to *nixes or NT or whatever else someone could think of?

  • by keepper ( 24317 ) on Friday December 01, 2000 @07:14AM (#588371) Homepage

    This probably has been commented a lot, and there are more issues than just pure technical ones for this not having happenned before. But, is there any thought on your part, of possibly more code sharing between the bsd's.

    Maybe even creating an "architecture council" in which the core of each project would have a say on features that should/can/may be implemented on both kernel and userland?

    This would not have to be a "you must do this" kinda thing, but rather and amicable forum to discuss new ideas and share implementations?

    So what's your thought on this? do-able, possibility, of have i been smoking too much crack?

    ;)
  • I guess I could be more specific

    As a wise AC posted below, let's say I have a product in mind that uses OBSD as a base. However, in order to make the product more powerful, I needed the OBSD kernel to move from user-space threads to kernel threads.

    If I offered the OBSD team $50K to move the kernel to that model, would they do it?

    A more egregious example: in order to make my Whizzo Superdevice sell, I need OBSD to integrate a proprietary security algorithm within the kernel structure (for God-knows what reason -- it's an hypothetical, worst-case example). The kernel needs to support it, but the algorithm can't be distributed with the normal distribution. Would the OBSD team merge it into CVS (assuming I'm just a guy with a great idea but no coding "skillz")?

    It would be a tough call for me, I know. I'm not terribly idealistic, and the $$$s might sway me -- I was wondering if Theo is immune or not.

  • project goals [openbsd.rt.fm].

    it's the first link on the page. why was this moderated so high?

  • What about PicoBSD?
  • I've yet to find any claims that weren't obviouly biased (Open people saying that Open is better, Free people saying that Free is better, etc.). I think of myself as a Linux guy, but I like to play with all of the BSDs.

    My own perceptions:
    FreeBSD is nifty, and accepts code almost as liberally as Linux. That is, poorly written but functional is acceptable. This tends to result in FreeBSD having more nifty features that work before any of the other BSDs. However, the design is very evolutionary and distributed, and some bits of the code are just plain scary. Broken things that lots of people care about (like speed issues) are fixed quickly. Broken things that not many people care about tend to be ignored.

    NetBSD contains the sort of code that'd make CS professors proud. It's clean and well-documented, and there's a lot of thought given to design and the larger picture. Like a CS project, though, it tends to be slow, as the most intuitive way to do things is often not the fastest. There are also times when the "run on anything" focus gets in the way of maximum performance.

    OpenBSD audits their code for security, and the auditing gets rid of the worst of the poorly written code, but sometimes, the most secure design is horrifically unintuitive. The newer bits (like OpenSSH) show this the most: you'll need to make a sanity check after looking at some bits of that code. I really REALLY like the emphasis on security, though. It feels a little bit slower than FreeBSD, but not as slow as NetBSD. I have no hard numbers to back me up, just personal perception.

    --
  • by Jose ( 15075 ) on Friday December 01, 2000 @08:39AM (#588380) Homepage
    On another note, what's your feeling about commercial use of OpenBSD?

    The OpenBSD team is happy to have the commercial use of OpenBSD...a quote from their web page:"OpenBSD encourages companies and independent developers to create products for use with OpenBSD, or based on OpenBSD itself. "[1]

    They may or may not implement "X" for you though. I would imagine that if what you want is of general interest to everyone, they would probably do it for free, if not you could contact some of the developers on this page [openbsd.org], and they would probably be happy to help you out..for a price.

    [1] taken from http://openbsd.org/products.html [openbsd.org]

  • Stallion Technologies offers embedded OpenBSD-based appliances, but there is little to no information regarding the building of such a device. It seems to me that OpenBSD would be great as a floppy-based firewall, and I can think of many other uses for a small-footprint/embedded version of OpenBSD. Does OpenBSD have any plans for providing consise documentation on the building of such a system? Barring this, does the OpenBSD project have any plans to document how the OS can be installed on a single floppy disk?
  • by jd ( 1658 ) <imipak&yahoo,com> on Friday December 01, 2000 @07:14AM (#588386) Homepage Journal
    With the release of SGI's B1 code, and the attempts by many U*ixen to secure their contents via capabilities, ACL's, etc, ad nausium, how is OpenBSD approaching the issue of resource control?

    On a side note, is OpenBSD likely to ever head in the direction of being a distributed kernel? And, if so, how would security and resource management be maintained? (It's hard enough on a central kernel system.)

  • by PapaZit ( 33585 ) on Friday December 01, 2000 @07:15AM (#588390)
    A lot of people know that OpenBSD forked from NetBSD, and there's still some animosity between the two groups. Personally, I think that the competition has helped both groups (NetBSD now ships with far fewer open services, for example).

    Egos are delicate things, but do you see any chance for greater cooperation in the future, or do you see more forking and division as inevitable?

    --
  • Given the desire to audit code before it makes it into OpenBSD, and the limited number of people who find joy in code audits, do you feel that OpenBSD will eventually end up so far behind to be eventually considered a historic footmark, like 386BSD?

    Do you feel that others opinion of you hurts the progress of the OpenBSD project? (if honey attracts flies {bugs}, does your vinegar nature keep the bugs away?)
  • by Cmdr. Marille ( 189584 ) on Friday December 01, 2000 @07:16AM (#588393)
    What do you think will be major Security improvements/features(kernel/base system) that are going to be added to OpenBSD?
    Where is there still room for a lot of improvement? Also what are the goals of the OpenBSD project besides default Security?

"Confound these ancestors.... They've stolen our best ideas!" - Ben Jonson

Working...