1 |
Well, first bugs are always there, maybe the unique difference between |
2 |
this two OS is that OpenBSD have found more of them (maybe), this does |
3 |
not means that OpenBSD is free of bugs, it stills having them be sure |
4 |
of this, if this statement is not true why they are still making |
5 |
auditories to their code if there are not bugs?. |
6 |
|
7 |
This is not an ideal world, software is written by humans so since |
8 |
humans are not perfect, software is not perfect too, bugs will exist |
9 |
forever, the only thing developers can do is searching for them, |
10 |
nothing more. |
11 |
|
12 |
Do you want something to be safe?, first make your system a B1 one |
13 |
(orange book), configure rsbac/Selinux to do so, configure PaX, make |
14 |
an trusted path execution to avoid execution of untrusted software |
15 |
(exploits) and then control the execution of perl an python (between |
16 |
others) scripts (in the way of perl blablabla.pl, which does not need |
17 |
execution rights). You under this two frameworks you can do it. Can |
18 |
you do this under OpenBSD ;). |
19 |
|
20 |
2008/8/20, Jan Klod <janklodvan@×××××.com>: |
21 |
> Hello, |
22 |
> some people in gentoo forum made me ask this one: it is supposed, that |
23 |
> regular |
24 |
> updates of system is a wise thing to do, but, excuse me, ... those bugs and |
25 |
> holes are there before someone say "update them" -- so do you agree, nowdays |
26 |
> Linux is never safe? |
27 |
> OpenBSD has its own slogan about only very few remote holes in long time -- |
28 |
> so |
29 |
> it makes an impression, I can install an OpenBSD machine and let it do it's |
30 |
> job. |
31 |
> Can anyone crash my impression about OpenBSD (and is it still alive enough, |
32 |
> by |
33 |
> the way?)? |
34 |
> How about hardened gentoo in this regard (create system for few, specific |
35 |
> purposes and leave it for years without damn update hustle)? |
36 |
> |
37 |
> I realize, this is "in general", but the question is about software writing |
38 |
> style (think when write it or wait for someone to find what is wrong) and |
39 |
> ways to protect from bugs (like overflows etc) in software. |
40 |
> |
41 |
> In ideal world, updates are necessary only to get software, that has new |
42 |
> functions -- do we seam to approach it? |
43 |
> |
44 |
> Jan |
45 |
> |
46 |
> |