Date: Fri, 22 Jun 2001 02:02:22 -0400 (EDT)
Message-Id: <200106220602.f5M62MG421878@saturn.cs.uml.edu>
From: "Albert D. Cahalan"
To: beachboywu@yahoo.com
Cc: FreeBSD-advocacy@freebsd.org
Subject: Re: Ask a question.. Thanks..

> Currently, I am doing a report that evaluates and
> compares OpenBSD and Linux (with the NSA security
> extensions)

It is interesting that you compare OpenBSD and Linux
on a FreeBSD mailing list.

> as a potential platform for a VPN gateway/router.
> I will be using IPSec as security protocol.
> I'd appreciate it if you can tell me which one of
> these operating systems is more secure in general and
> why. Thanks for the help...

OpenBSD: tries to eliminate all holes
seLinux: tries to keep "successful" attacks contained

Once an attacker gets root on an OpenBSD box, game over.
You lost. Your box is owned. Still, it's hard to crack
an OpenBSD box. But then again, there was a root-level
exploit a week or two ago. It only takes one hole, you know.

The seLinux box is full of holes, and everybody knows it.
They have wu-FTPd even. So the attacker gets root, but
with seLinux they don't own you. The damage is contained
to specific roles and/or security levels. It is possible
to have a root login that can edit files in /etc, while
at the same time having an attacker with root being
blocked from doing this.
The system might require vi for
editing /etc/inittab, but require emacs for editing
/etc/lilo.conf. This is kernel-enforced; you can't
escape it with a debugger.

Think about it this way: do you build a huge oil tanker
ship with one strong hull (OpenBSD style) or do you build
it with a double hull and many separate compartments inside
(seLinux style) to make sure a single hole won't dump out
all the oil? Do you believe that Theo has finally fixed
every last bug?

I guess this boils down to optimism (OpenBSD) and
pessimism (seLinux). Either you trust that _all_ security
holes in OpenBSD have been fixed, or you use seLinux to
contain the damage of exploits which you believe are
inevitable.
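
The following sketch is an added example, not part of the original message and not real SELinux policy. It models the containment described in the reply: write access is decided by the process domain and the file's type, never by uid, so a root login and an intruder holding root get different answers. All type names, domain names and file labels are hypothetical.

```python
# Toy model of type enforcement (constructed for illustration).
# Type and domain names are hypothetical, not taken from a real policy.
FILE_TYPE = {
    "/usr/bin/vi": "vi_exec_t",
    "/usr/bin/emacs": "emacs_exec_t",
    "/etc/inittab": "inittab_t",
    "/etc/lilo.conf": "lilo_conf_t",
}

# Executing a program of a given type moves the process into a new domain.
TRANSITIONS = {
    ("sysadm_t", "vi_exec_t"): "inittab_edit_t",
    ("sysadm_t", "emacs_exec_t"): "lilo_edit_t",
}

# Allow rules as (domain, file type) pairs; anything not listed is denied.
ALLOW = {
    ("inittab_edit_t", "inittab_t"),
    ("lilo_edit_t", "lilo_conf_t"),
}

class Process:
    def __init__(self, uid, domain):
        self.uid = uid
        self.domain = domain

    def execute(self, path):
        """Return the process that results from executing `path`."""
        key = (self.domain, FILE_TYPE.get(path))
        return Process(self.uid, TRANSITIONS.get(key, self.domain))

    def may_write(self, path):
        # uid is deliberately ignored: uid 0 grants nothing by itself.
        return (self.domain, FILE_TYPE.get(path)) in ALLOW

def demo():
    admin = Process(uid=0, domain="sysadm_t")   # legitimate root login
    intruder = Process(uid=0, domain="ftpd_t")  # root reached via the FTP daemon
    vi, emacs = "/usr/bin/vi", "/usr/bin/emacs"
    return {
        "admin_vi_inittab": admin.execute(vi).may_write("/etc/inittab"),
        "admin_emacs_inittab": admin.execute(emacs).may_write("/etc/inittab"),
        "admin_emacs_lilo": admin.execute(emacs).may_write("/etc/lilo.conf"),
        "admin_direct_inittab": admin.may_write("/etc/inittab"),
        "intruder_vi_inittab": intruder.execute(vi).may_write("/etc/inittab"),
        "intruder_direct_lilo": intruder.may_write("/etc/lilo.conf"),
    }

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'allowed' if allowed else 'denied'}")
```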