| 1 |
Well, first bugs are always there, maybe the unique difference between |
| 2 |
this two OS is that OpenBSD have found more of them (maybe), this does |
| 3 |
not means that OpenBSD is free of bugs, it stills having them be sure |
| 4 |
of this, if this statement is not true why they are still making |
| 5 |
auditories to their code if there are not bugs?. |
| 6 |
|
| 7 |
This is not an ideal world, software is written by humans so since |
| 8 |
humans are not perfect, software is not perfect too, bugs will exist |
| 9 |
forever, the only thing developers can do is searching for them, |
| 10 |
nothing more. |
| 11 |
|
| 12 |
Do you want something to be safe?, first make your system a B1 one |
| 13 |
(orange book), configure rsbac/Selinux to do so, configure PaX, make |
| 14 |
an trusted path execution to avoid execution of untrusted software |
| 15 |
(exploits) and then control the execution of perl an python (between |
| 16 |
others) scripts (in the way of perl blablabla.pl, which does not need |
| 17 |
execution rights). You under this two frameworks you can do it. Can |
| 18 |
you do this under OpenBSD ;). |
| 19 |
|
| 20 |
2008/8/20, Jan Klod <janklodvan@×××××.com>: |
| 21 |
> Hello, |
| 22 |
> some people in gentoo forum made me ask this one: it is supposed, that |
| 23 |
> regular |
| 24 |
> updates of system is a wise thing to do, but, excuse me, ... those bugs and |
| 25 |
> holes are there before someone say "update them" -- so do you agree, nowdays |
| 26 |
> Linux is never safe? |
| 27 |
> OpenBSD has its own slogan about only very few remote holes in long time -- |
| 28 |
> so |
| 29 |
> it makes an impression, I can install an OpenBSD machine and let it do it's |
| 30 |
> job. |
| 31 |
> Can anyone crash my impression about OpenBSD (and is it still alive enough, |
| 32 |
> by |
| 33 |
> the way?)? |
| 34 |
> How about hardened gentoo in this regard (create system for few, specific |
| 35 |
> purposes and leave it for years without damn update hustle)? |
| 36 |
> |
| 37 |
> I realize, this is "in general", but the question is about software writing |
| 38 |
> style (think when write it or wait for someone to find what is wrong) and |
| 39 |
> ways to protect from bugs (like overflows etc) in software. |
| 40 |
> |
| 41 |
> In ideal world, updates are necessary only to get software, that has new |
| 42 |
> functions -- do we seam to approach it? |
| 43 |
> |
| 44 |
> Jan |
| 45 |
> |
| 46 |
> |
Archives