From owner-freebsd-hackers  Sun May 23  2:14:22 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from smtp04.wxs.nl (smtp04.wxs.nl [195.121.6.59])
	by hub.freebsd.org (Postfix) with ESMTP id 3EA0514F5B
	for <hackers@FreeBSD.ORG>; Sun, 23 May 1999 02:14:18 -0700 (PDT)
	(envelope-from asmodai@wxs.nl)
Received: from daemon.ninth-circle.org ([195.121.197.6]) by smtp04.wxs.nl
          (Netscape Messaging Server 3.61)  with ESMTP id AAA4C88;
          Sun, 23 May 1999 11:14:16 +0200
Received: from daemon.ninth-circle.org (abaddon@daemon [192.168.0.1])
	by daemon.ninth-circle.org (8.9.3/8.9.3) with ESMTP id LAA89783;
	Sun, 23 May 1999 11:14:34 +0200 (CEST)
	(envelope-from asmodai@wxs.nl)
Message-ID: <XFMail.990523111434.asmodai@wxs.nl>
X-Mailer: XFMail 1.3 [p0] on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <14446.927449800@verdi.nethelp.no>
Date: Sun, 23 May 1999 11:14:34 +0200 (CEST)
Organization: Ninth Circle Enterprises
From: Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
To: sthaug@nethelp.no
Subject: RE: security: what does OpenBSD have, that FreeBSD doesn't have.
Cc: hackers@FreeBSD.ORG, andreas@klemm.gtn.com
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On 23-May-99 sthaug@nethelp.no wrote:
>> The OpenBSD team does a lot wrt auditing of the complete sourcetree, but
>> then the question is: is this valid concern or is this pure paranoia.
>> OpenBSD does a lot of valid changes but borders (and sometimes crosses
>> that border) on paranoia, wrt code.
> 
> Given the number of postings to BUGTRAQ about array overflows and stack
> smashing, I think it's relevant to ask whether it possible to be *too*
> paranoid here. Personally, I think what the OpenBSD folks are doing is
> very important.

Paranoia/security and freedom of use are opposites on the balance of use.
If you make so much security restrictions to a system it's bound to make it
less enjoyable where it concerns freedom.

>> A lot of the security tools can be get from the ports, but the true
>> security of a system lies in the eye of the admin. I have known admins
>> whom I would never trust mission critical security systems to.
> 
> "The true security of a system" depends on the operating system itself,
> the applications, *and* the admin. You can be a very good and security
> conscious admin - but it won't help you much if the operating system is
> Windows 98.

Correct there Steinaur, I left those other two out. But then the admin most
certainly knows that he has to replace that Win98 box with FreeBSD ;)

---
Jeroen Ruigrok van der Werven                asmodai(at)wxs.nl
        The FreeBSD Programmer's Documentation Project 
Network/Security Specialist      <http://home.wxs.nl/~asmodai>
*BSD: Accept no limitations...


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message