Linked by Thom Holwerda on Wed 20th Jun 2007 20:07 UTC, submitted by Valour
OpenBSD "If you're a software enthusiast who has never used OpenBSD before, you might enjoy installing it by yourself and figuring it out as you go. If, however, you're looking for a more practical approach to using OpenBSD 4.1 on a desktop or server machine, here's a quick guide to get you started in this spectacular operating system."
Permalink for comment 249619
To read all comments associated with this story, please click here.
Your sinking fast...
by galvanash on Thu 21st Jun 2007 19:11 UTC in reply to "RE: Security"
galvanash
Member since:
2006-01-25

If your website gets defaced or personal data from the users of that website are compromised, do you think a chrooted webserver will prevent any more structual damage?

Yes. Definitely. Absolutely. Without Question. Can I possibly be more forthright? Preventing more structural damage is the fricken' POINT of chrooting something...

In case of a buggy PHP website, you are better off with a well designed DMZ and an IDS.

You keep doing that... Its irritating. The fact is you are MUCH better of having BOTH. There is no need to chose one and not the other. And what exactly does a DMZ or IDS have to do with the relative merits of an OS that is designed to be secure? Your argument seems to be "a secure OS isn't really better than an unsecured one because of a multitude of things like DMZs and firewalls and whatever that have nothing at all to do with the Operating System's design".

A secure OS is nice. But if I had to chose between "a secure OS and a good administrator" and "a really really secure OS and a bad administrator", I definitly will chose the first one.

Again, you don't have to chose. Really. The two things are in no way mutually exclusive.

Reply Parent Score: 2