Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.cis.okstate.edu!nntp.ksu.edu!news.physics.uiowa.edu!math.ohio-state.edu!howland.erols.net!agate!theos.com!deraadt From: deraadt@theos.com (Theo de Raadt) Newsgroups: comp.os.linux.misc,comp.os.linux.networking,comp.os.linux.setup,comp.unix.bsd.bsdi.misc,comp.unix.bsd.misc Subject: Re: Linux vs BSD Date: 24 Jan 1997 11:04:27 GMT Organization: Theo Ports Kernels For Fun And Profit Lines: 79 Message-ID: <DERAADT.97Jan24040427@zeus.theos.com> References: <32DFFEAB.7704@usa.net> <5c39sk$ddl@troma.rv.tis.com> <5c8jlm$50u@cynic.portal.ca> <5c9444$9vq@lace.colorado.edu> <5c98sl$gbn@cynic.portal.ca> <32E84F44.75616F4D@w3page.com> NNTP-Posting-Host: zeus.theos.com In-reply-to: Blaine Minazzi's message of Thu, 23 Jan 1997 22:57:25 -0700 Xref: euryale.cc.adfa.oz.au comp.os.linux.misc:153983 comp.os.linux.networking:66015 comp.os.linux.setup:93682 comp.unix.bsd.bsdi.misc:5714 comp.unix.bsd.misc:2006 In article <32E84F44.75616F4D@w3page.com> Blaine Minazzi <bminazzi@w3page.com> writes: Linux: Personal workstation. No other O/S gives _me_ what I want for this. I [...] Oh oh, here comes a twisty tangent... FreeBSD: My Web Internet servers. The Security, the flexability, the speed, all beat linux. ^^^^^^^^^^^^ Well, this particular part is not true. I would definately suggest that RedHat Linux has better security than FreeBSD has. I might know -- I've spent the last 6 months working with a group of people to fix the many security holes that exist in BSD systems (and all the numerous derivatives that used BSD code.... including Linux.) We are doing this work on yet another BSD varient -- OpenBSD, it is one of our main focuses. A few of the people I've worked with also work on improving Linux security. I think RedHat payed attention to these details, and it's starting to show because a few recent advisories indicate that they already had certain holes plugged. This is just a guess, though. It's hard to judge these things for sure without getting the security conscious people from the various projects together in a dark room and seeing who scares who more. Perhaps David Holland can tell me who was more scared when we talked at Usenix ;-) To me, one aspect of a secure-conscious operating system is that it ships with many holes plugged _before they become common knowledge_. Regarding FreeBSD comparisons, OpenBSD isn't neccessarily as fast, but well... fast isn't everything. Correct operation might matter once in a while, too.... and more specifically that might include not having as many security holes and weeny users breaking root and modifying web pages. I also concur with previous comments that most people are unable to spot a speed difference between the various operating systems; I have heard it many times. Instead our direction with OpenBSD has been to focus on security, standards compliance, and general usefulness. It looks as if security concerned ISP's like OpenBSD. Everything man-made has flaws, and some people are willing to put up with OpenBSD's flaws in return for some of it's benefits. And people do occasionally make the opposite decision and it doesn't bother me. They're probably also like mustard on their eggs (ICK!) and I don't take that personally either. I won't deny that FreeBSD is being used in a hell of a lot of places. As are MVS and VMS. There's no accounting for taste (as long as you can run emacs!) Just like nearly everything else in the world, things mutate in really weird ways. Cross-pollination. It's almost a given that next year's Toyota Tercel will look like a Mercedes did 4 years ago, but of course there's many other differences too and some may be really subtle. The same happens in the vendor operating system world, and it shouldn't be too surprising that it might happen in the free operating system world too. Next year Nissan might be making crap cars and Ford's might be good quality. In other words, grab the latest copy of each... Try them. Choose. Then (don't) buy it. (Just use it ;-) Next year, perhaps re-evaluate if you hear enough cool things about another system, or have too many PRIVATE bitches about the system you are using. And perhaps we can all stop bitching about it though, and instead use our systems, whatever they are, for doing some cool things. There are people out there that have provided code to all 4 free projects; even _kernel_ code... So, anyone want to help OpenBSD implement CD-R writing code? -- This space not left unintentionally unblank. deraadt@theos.com www.OpenBSD.org -- We're fixing security problems so you can sleep at night.