From owner-freebsd-questions Fri Sep 28 2:27: 6 2001 Delivered-To: freebsd-questions@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-153.dsl.lsan03.pacbell.net [63.207.60.153]) by hub.freebsd.org (Postfix) with ESMTP id F35FD37B40A for ; Fri, 28 Sep 2001 02:27:02 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 4C66566DD9; Fri, 28 Sep 2001 02:27:02 -0700 (PDT) Date: Fri, 28 Sep 2001 02:27:02 -0700 From: Kris Kennaway To: Gabriel Ambuehl Cc: Kris Kennaway , Rob Andrews , questions@FreeBSD.ORG Subject: Re: FreeBSD a good choice for high performance webservers? Message-ID: <20010928022701.A8914@xor.obsecurity.org> References: <60164745040.20010926174838@buz.ch> <20010926095640.C86198@xor.obsecurity.org> <20010926123312.A51520@switchblade.cyberpunkz.org> <187172118202.20010926195131@buz.ch> <20010926220622.A92357@xor.obsecurity.org> <70310952606.20010928102525@buz.ch> <20010928020447.A8606@xor.obsecurity.org> <124313710411.20010928111123@buz.ch> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="3MwIy2ne0vdjdPXF" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <124313710411.20010928111123@buz.ch>; from gabriel_ambuehl@buz.ch on Fri, Sep 28, 2001 at 11:11:23AM +0200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --3MwIy2ne0vdjdPXF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 28, 2001 at 11:11:23AM +0200, Gabriel Ambuehl wrote: > Hello Kris, >=20 > Friday, September 28, 2001, 11:04:47 AM, you wrote: >=20 > >> but apparently none in the default install which is the only thing > >> they really care for to make the above statement. > > Be careful..the version they were shipping a year and a half ago > > (OpenBSD 2.7?) had a remote root exploit in the default install > > (telnetd). The "four years" number is only true by a very > > roundabout interpretation -- it certainly doesn't mean what you > > expect it to. =20 >=20 > I think this applies if you install all the patches as they become > available (which you should do with any OS outthere). AFAIK, they > consider not having a remote root hole to be true as long as they > patch the holes before they get publicly announced by themselves. No, that still fails..the telnetd hole was discovered by others. They only seem to count it if it was a vulnerability in the very latest version of OpenBSD at the time it was publicized; too bad if the previous version from 3 months ago shipped with the vulnerability in place but that service was disabled just after the release. > Anyway, the whole slogan isn't of much use since one can hardly use a > system that's that stripped down the default installation of OpenBSD > is... Yes, indeed. The same is true for most systems, including FreeBSD.=20 Kris --3MwIy2ne0vdjdPXF Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7tEJlWry0BWjoQKURAtKqAKCmheEFmhEWpMpOwaD2X7jsvqpxvwCfdsel nhFjkdxem+Hlg0z4vhpfohQ= =mOz7 -----END PGP SIGNATURE----- --3MwIy2ne0vdjdPXF-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message