Date: Sun, 23 May 1999 10:56:40 +0200 From: sthaug@nethelp.no To: asmodai@wxs.nl Cc: andreas@klemm.gtn.com, hackers@FreeBSD.ORG Subject: RE: security: what does OpenBSD have, that FreeBSD doesn't have. Message-ID: <14446.927449800@verdi.nethelp.no> In-Reply-To: Your message of "Sun, 23 May 1999 10:33:20 %2B0200 (CEST)" References: <XFMail.990523103320.asmodai@wxs.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> The OpenBSD team does a lot wrt auditing of the complete sourcetree, but > then the question is: is this valid concern or is this pure paranoia. > OpenBSD does a lot of valid changes but borders (and sometimes crosses thta > border) on paranoia, wrt code. Given the number of postings to BUGTRAQ about array overflows and stack smashing, I think it's relevant to ask whether it possible to be *too* paranoid here. Personally, I think what the OpenBSD folks are doing is very important. > A lot of the security tools can be get from the ports, but the true > security of a system lies in the eye of the admin. I have known admins whom > I would never trust mission critical security systems to. "The true security of a system" depends on the operating system itself, the applications, *and* the admin. You can be a very good and security conscious admin - but it won't help you much if the operating system is Windows 98. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14446.927449800>