From owner-freebsd-questions  Fri Sep 28  2: 4:51 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-153.dsl.lsan03.pacbell.net [63.207.60.153])
	by hub.freebsd.org (Postfix) with ESMTP id A508E37B40C
	for <questions@FreeBSD.ORG>; Fri, 28 Sep 2001 02:04:48 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 0702D66D46; Fri, 28 Sep 2001 02:04:47 -0700 (PDT)
Date: Fri, 28 Sep 2001 02:04:47 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Gabriel Ambuehl <gabriel_ambuehl@buz.ch>
Cc: Kris Kennaway <kris@obsecurity.org>,
	Rob Andrews <rob@cyberpunkz.org>, questions@FreeBSD.ORG
Subject: Re: FreeBSD a good choice for high performance webservers?
Message-ID: <20010928020447.A8606@xor.obsecurity.org>
References: <60164745040.20010926174838@buz.ch> <20010926095640.C86198@xor.obsecurity.org> <20010926123312.A51520@switchblade.cyberpunkz.org> <187172118202.20010926195131@buz.ch> <20010926220622.A92357@xor.obsecurity.org> <70310952606.20010928102525@buz.ch>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="mYCpIKhGyMATD0i+"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <70310952606.20010928102525@buz.ch>; from gabriel_ambuehl@buz.ch on Fri, Sep 28, 2001 at 10:25:25AM +0200
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Sep 28, 2001 at 10:25:25AM +0200, Gabriel Ambuehl wrote:
> Hello Kris,
>=20
> Thursday, September 27, 2001, 7:06:22 AM, you wrote:
> >> would happen if someone found a remote root hole in OpenBSD?
> >> Exactly.=20
> > I'm not sure what you're trying to say here..OpenBSD has had plenty
> > of remote root holes lately.
>=20
> "Four years without a remote hole in the default install!"
>=20
> but apparently none in the default install which is the only thing
> they really care for to make the above statement.

Be careful..the version they were shipping a year and a half ago
(OpenBSD 2.7?) had a remote root exploit in the default install
(telnetd).  The "four years" number is only true by a very roundabout
interpretation -- it certainly doesn't mean what you expect it to.

Kris

--mYCpIKhGyMATD0i+
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7tD0vWry0BWjoQKURApCpAJ9tXmBi94HAMeNLN+OMM/+5WyZZQACg+0l2
c6r4dEtWgS2dNTt2TMtuMDU=
=5pA4
-----END PGP SIGNATURE-----

--mYCpIKhGyMATD0i+--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message