From owner-freebsd-hackers Sun May 23 1:56:50 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id A647814D74 for ; Sun, 23 May 1999 01:56:44 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 14448 invoked by uid 1001); 23 May 1999 08:56:41 +0000 (GMT) To: asmodai@wxs.nl Cc: andreas@klemm.gtn.com, hackers@FreeBSD.ORG Subject: RE: security: what does OpenBSD have, that FreeBSD doesn't have. From: sthaug@nethelp.no In-Reply-To: Your message of "Sun, 23 May 1999 10:33:20 +0200 (CEST)" References: X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sun, 23 May 1999 10:56:40 +0200 Message-ID: <14446.927449800@verdi.nethelp.no> Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > The OpenBSD team does a lot wrt auditing of the complete sourcetree, but > then the question is: is this valid concern or is this pure paranoia. > OpenBSD does a lot of valid changes but borders (and sometimes crosses thta > border) on paranoia, wrt code. Given the number of postings to BUGTRAQ about array overflows and stack smashing, I think it's relevant to ask whether it possible to be *too* paranoid here. Personally, I think what the OpenBSD folks are doing is very important. > A lot of the security tools can be get from the ports, but the true > security of a system lies in the eye of the admin. I have known admins whom > I would never trust mission critical security systems to. "The true security of a system" depends on the operating system itself, the applications, *and* the admin. You can be a very good and security conscious admin - but it won't help you much if the operating system is Windows 98. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message