Date: Sun, 3 Feb 2002 06:35:34 +0100 From: Jean-Yves Lefort <jylefort@brutele.be> To: freebsd-questions@FreeBSD.org Cc: inemes@transylvania.com.au, drevil@sidereal.kz, misc@OpenBSD.org Subject: Re: Security: FreeBSD vs OpenBSD Message-ID: <20020203063534.A78828@jsite.lefort.net> In-Reply-To: <3C5CA9A0.C7F62D63@transylvania.com.au>; from inemes@transylvania.com.au on Sun, Feb 03, 2002 at 02:08:16PM %2B1100 References: <20020202212736.A68642@jsite.lefort.net> <20020203021426.29751.qmail@sidereal.kz> <3C5CA9A0.C7F62D63@transylvania.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Your enlightenments are useful, I especially felt enthusiast while browsing the TrustedBSD website. However, at this point of the thread, I should probably precise my toughts. I wonder if the security reputation of OpenBSD is only based on the fact that they ship the system in a secure by default mode, or if the OpenBSD kernel itself is more secure than the FreeBSD kernel. Regards, Jean-Yves Lefort On Sun, Feb 03, 2002 at 02:08:16PM +1100, Ioan Nemes wrote: > That's great, but how about some URLs (links to TrustedBSD ... etc.) > your message is incomplete. > > Ioan > > > "Dr. Evil" wrote: > > > > > Is OpenBSD more secure than FreeBSD (I don't mean "out of the box", but after > > > a complete security audit leading to an optimal configuration of the system). > > > > Both are excellent OSes. OpenBSD definitely has less features and > > more focus on security than FreeBSD does. With proper installation > > you could run either of them in a very secure way. With improper > > installation, you could have a lot of problems with either of them. > > Unfortunately, they both share the same, deeply flawed security model, > > which is that there are two levels of permission on the system: Root > > and non-root. "Break root" is one of the steps in basically every > > hack on either of the systems. The right way to solve that problem is > > to not have a root user. Take a look at TrustedBSD, SELinux and EROS > > for examples of some OSes with more advanced security models. I am > > excited by those three OSes, but unfortunately I'm not sure if any of > > them are really ready to use in an ordinary production enviornment. > > I'm watching all three of them carefully because they are quite > > promising. Unfortunately security is a poorly understood thing by > > most people who are supposedly security specialists... but OSes like > > EROS show a real understanding a a real security focused design. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020203063534.A78828>