From owner-freebsd-questions Fri Sep 28 2: 7:34 2001 Delivered-To: freebsd-questions@freebsd.org Received: from gamma.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 79EC437B40A for ; Fri, 28 Sep 2001 02:07:29 -0700 (PDT) Received: (qmail 31446 invoked from network); 28 Sep 2001 09:07:24 -0000 Received: from dclient217-162-128-224.hispeed.ch (HELO athlon550) (217.162.128.224) by 0 with SMTP; 28 Sep 2001 09:07:24 -0000 Date: Fri, 28 Sep 2001 11:11:23 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <124313710411.20010928111123@buz.ch> To: Kris Kennaway Cc: Rob Andrews , questions@FreeBSD.ORG Subject: Re[2]: FreeBSD a good choice for high performance webservers? In-Reply-To: <20010928020447.A8606@xor.obsecurity.org> References: <60164745040.20010926174838@buz.ch> <20010926095640.C86198@xor.obsecurity.org> <20010926123312.A51520@switchblade.cyberpunkz.org> <187172118202.20010926195131@buz.ch> <20010926220622.A92357@xor.obsecurity.org> <70310952606.20010928102525@buz.ch> <20010928020447.A8606@xor.obsecurity.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- Hello Kris, Friday, September 28, 2001, 11:04:47 AM, you wrote: >> but apparently none in the default install which is the only thing >> they really care for to make the above statement. > Be careful..the version they were shipping a year and a half ago > (OpenBSD 2.7?) had a remote root exploit in the default install > (telnetd). The "four years" number is only true by a very > roundabout interpretation -- it certainly doesn't mean what you > expect it to. I think this applies if you install all the patches as they become available (which you should do with any OS outthere). AFAIK, they consider not having a remote root hole to be true as long as they patch the holes before they get publicly announced by themselves. Anyway, the whole slogan isn't of much use since one can hardly use a system that's that stripped down the default installation of OpenBSD is... Best regards, Gabriel  -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO7QwtcZa2WpymlDxAQGYHwgAvAlsM9OX01XNSvuvIqkRC2qTK0OEuwB0 +uvKX9LTo8A0TQnjw3Y8S+gB0vgd9eBnvJds7S4SUmkYOSotxl+Ih1zXKmUo3EJj bJd6Vzb0RNdrdKbI2EJRKzMyLAM3O+/SdmJczmMFOmzVdZL4zaNvmq9Og4jfXDlC 7AT49gsEhebcQNzxrBZGp+Y8rLKtT7SQxWeCTDtZN9nT2vHQUYm3IYBiaHqmbcWP abCkFYGnIw48iUGMY7Kj3OBfzYDiDHEVbRjvRuI1LxtIqzVOC+P2C+J25wCreQ81 F5XJFIPCI40WHONm5UTl4eYo2A8tpueFaYW3zyIuHzrR4CZySPhZ+w== =QA2f -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message