[rescue] OpenBSD

[Dave McGuire]

On January 27, Patrick Giagnocavo wrote:
> There are/were vulnerabilities in NetBSD libraries that are not in the
> equivalent OpenBSD libraries.  This would seem to support the hype.

  There were indeed.  There are security holes in every operating
system that aren't in any other operating system.  But are there
*now*?  Yes the OpenBSD folks have done a lot of good work w.r.t. code
security auditing and stuff, and I applaud that.  But it's not like
they're the only people on earth who can (and do) fix bugs.

> The NetBSD guys split because they didn't want to follow the 386BSD
> guys' lead, right? OK I am yanking your chain.

  Yes, you are, and I'm brewing a special wet fart just for you.  I'm
going to pack it on dry ice and fedex it to you.

> What about pf?  Didn't the same guys who did OpenBSD do OpenSSH?

  I don't know anything about pf, it might be great...ipf works great
for me.  SSH...no thanks, I run more machines than is reasonable for
ssh.  And the "hole of the week" aspect of ssh makes it a little less
than appetizing.

> Didn't they audit and release a pretty decent version of bind4?

  BIND _4_?!  BIND 4 had been obsolete for nearly a year when I left
digex FIVE YEARS AGO.  Let's get real here.  Sure, I'll bet I could
grab a copy of sendmail v5 and hack on it to make it nice &
tight...but what would be the point?  The sendmail community fixed
those bugs years ago...as did the BIND community.

> Dave, we love ya, even if you are using NetBSD, which is demonspawn if
> ever there was! :-)

  Don't you mean "daemonspawn"? ;)

    -Dave

-- 
Dave McGuire
St. Petersburg, FL         "Less talk.  More synthohol." --Lt. Worf