Linked by Thom Holwerda on Wed 20th Jun 2007 20:07 UTC, submitted by Valour
OpenBSD "If you're a software enthusiast who has never used OpenBSD before, you might enjoy installing it by yourself and figuring it out as you go. If, however, you're looking for a more practical approach to using OpenBSD 4.1 on a desktop or server machine, here's a quick guide to get you started in this spectacular operating system."
Permalink for comment 249674
To read all comments associated with this story, please click here.
RE: Secure by default != Secure
by Doc Pain on Thu 21st Jun 2007 21:29 UTC in reply to "Secure by default != Secure"
Doc Pain
Member since:

"I think one of the things to make sure to take into account is the concept that once I install OpenBSD and start making changes to the OS to make it 'usable', I am losing the various security aspects that are enabled by default. It is necessary to make the system less secure to make it usable."

This is a tendency that other UNIXes and Linux have to deal with today. Because users could need certain services, these serveices have to be enabled by default so the user does not get bothered. There are other security aspects such as automated login, asterisks displayed in the password input field, not needing root passwords to install systemwide software - marginal aspects, I agree, but step by step security barriers get overridden by comfortability considerations. Most of them feature the loss of the difference between system user and system administrator which does not exist at the home user's site in fact.

Because OpenBSD is an OS only distribution (in opposite to most Linusi or DesktopBSD / PC-BSD), it does not contain software the OS developers do not have any control over. This is one important aspect regarding security.

"That being said, OpenBSD is great, and has it's uses. Just don't think that once you install the core OS and install the applications that you are secure. Once you start installing applications, it will be necessary to practice due care and get the necessary service/apps secured."

Home users do not care anyway, but surely OpenBSD would not be their choice either. :-)

Luckily, OpenBSD is usually used by people who know what they're doing, so they know what they can take the responsibility for.

Reply Parent Score: 3