Linked by Thom Holwerda on Thu 1st Nov 2007 22:51 UTC, submitted by Earin
OpenBSD OpenBSD 4.2 has been released. "We are pleased to announce the official release of OpenBSD 4.2. This is our 22nd release on CD-ROM (and 23rd via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install." Update: A what's new article at ONLamp.
Thread beginning with comment 282365
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: How?
by Doc Pain on Fri 2nd Nov 2007 01:49 UTC in reply to "RE: How?"
Doc Pain
Member since:
2006-10-08

"The keyword here is 'default install'... a default OpenBSD install is really quite different to, say, a default Ubuntu Linux installation, or a default Windows Vista install.. "

Please don't confuse OpenBSD (or FreeBSD, NetBSD) with a Linux distribution. OpenBSD is "just" an OS, nothing more. If you install it, you have installed an operating system, nothing more, nothing less. In most cases, you are required to install additional software for the purposes you want to use your system, maybe as a mail server, a web server, a rescue system, a development system, or an "all possible purposes one size fits all" desktop workstation. You decide what's going to be installed.

If you want a BSD OS bundled with additional software (in the way most Linux distributions are), you will have to use PC-BSD or DesktopBSD.

Reply Parent Score: 2

RE[3]: How?
by flanque on Fri 2nd Nov 2007 01:54 in reply to "RE[2]: How?"
flanque Member since:
2005-12-15

That being the case, I'd have to imagine that it's unfair to compare it to Linux as most distributions are porked up with applications. If all the apps and just the Linux OS was installed, I would expect it to have a far 'better' security record for a default install too.

Reply Parent Score: 6

RE[4]: How?
by Doc Pain on Fri 2nd Nov 2007 04:02 in reply to "RE[3]: How?"
Doc Pain Member since:
2006-10-08

"That being the case, I'd have to imagine that it's unfair to compare it to Linux as most distributions are porked up with applications. If all the apps and just the Linux OS was installed, I would expect it to have a far 'better' security record for a default install too."

I completely agree here. Some Linux distributions, especially the ones that are source based and follow the minimalistic (or, to be more exact, the well-defined content) approach, could be used for a valid comparison. They may only contain the Linux kernel and a certain userland.

As you may know, OpenBSD follows the concept of dividing between the OS and afterwards installed applications, you can see this in the directory substructures where application files are located. In Linux is not such a sharp differentiation, I think.

The parts of the OpenBSD OS do not contain software not audited by the OpenBSD team, so there's no "third party risk" within the OS itself. Such risks may be contained in additional software.

If you want to compare Linux to BSD, you should, for example, compare Ubuntu to PC-BSD or SuSE to DesktopBSD - in the default install, of course.

Reply Parent Score: 2

RE[3]: How?
by paws on Fri 2nd Nov 2007 10:37 in reply to "RE[2]: How?"
paws Member since:
2007-05-28

Please don't confuse OpenBSD (or FreeBSD, NetBSD) with a Linux distribution. OpenBSD is "just" an OS, nothing more.


The word 'operating system' doesn't really mean anything. What is technically an OS we mostly call a kernel these days. OpenBSD is a distribution of an operating system (an application to manage hardware resources plus drivers) and a small set of extra tools (a compiler and ssh-daemon, for instance), it's just far more minimal than most mainstream Linux distributions - but it's the same basic principle.

In most cases, you are required to install additional software for the purposes you want to use your system, maybe as a mail server, a web server, a rescue system, a development system, or an "all possible purposes one size fits all" desktop workstation. You decide what's going to be installed.


Err. It comes with gcc and a mail server AFAIK. Vi, too... and a web browser! Anyways, that paragraph could just as well be applied to a Debian installation, except that you select some of the packages at install time... which doesn't really make much of a difference.

Anyways, this is semantics. Have a good day!

Reply Parent Score: 5

RE[4]: How?
by Doc Pain on Sat 3rd Nov 2007 03:23 in reply to "RE[3]: How?"
Doc Pain Member since:
2006-10-08

"Anyways, this is semantics."

Sure, I agree with you, the terminus technicus "OS distribution" can be applied to OpenBSD, too. As we agree, OpenBSD follows a more minimalistic approach regarding what's included in the basic install. For example, media players, instant messengers and games are not included by default. I think OpenBSD's goal is that only software is provided in the basic install that has been checked by the OpenBSD team to be secure by default.

There are some criteria defined in DIN 44300 what's an OS: a sorted collection of means (kernel system, programs, libraries etc.) that:
- administrate and control the hardware,
- provides user interfaces,
- provides standardized and documented programming interfaces (editor, assembler, compiler, linker included here),
- protects against external manupulation and abuse,
- executes and monitors programs and handles their parallel execution,
- provides tools for harddware and software care, installation, update and deinstallation of software, error analysis and damage elimination.

This can be applied to Linux distributions, too, allthough most of them provide much more functionalities in the basic install. Same is true for Solaris which leaves the user with a highly functional system after first install. Instead, OpenBSD lets select the user what he wants to be installed afterwards.

Reply Parent Score: 1

RE[4]: How?
by phoenix on Sat 3rd Nov 2007 18:44 in reply to "RE[3]: How?"
phoenix Member since:
2005-07-11

The word 'operating system' doesn't really mean anything. What is technically an OS we mostly call a kernel these days. OpenBSD is a distribution of an operating system (an application to manage hardware resources plus drivers) and a small set of extra tools (a compiler and ssh-daemon, for instance), it's just far more minimal than most mainstream Linux distributions - but it's the same basic principle.


The difference is in the clear separation between the OS as shipped by the OpenBSD Project and the third-party apps that indivuals can install on that OS.

I don't know the specifics on directory layout for OpenBSD, but the theory is the same for all the BSDs: / and /usr are the OS as shipped by the Project. /usr/local (possibly /opt) is for user-installed apps. The two can be physically separated using disk partitions. / can be mounted ro. You don't have to worry that installing an X app will require upgrading half your OS install. And you don't have to wait 6+ months to get the latest apps (or fuss with backports repositories that may or may not be officially supported).

Linux distros are nothing more than large collections of packages shipped together. There's no such thing as a "base OS" or "core OS" for any of the Linux distros. There's no separation between the OS and the apps. Everything is an app package. Installing a X app can require installing/upgrading half your OS. If you want the latest version of an app, you have to upgrade your entire distro, or fuss around with 3rd-party repositories and backports repos, and wander into the land of unsupportedness.

Sure, you may have access to 25,000 packages with a Linux distro. But that's probably fewer than 12,500 actual applications due to the way the apps are split into sub- and lib-packages.

There's a very big difference between a BSD OS and a Linux distro.

Reply Parent Score: 3

RE[3]: How?
by beowuff on Fri 2nd Nov 2007 13:44 in reply to "RE[2]: How?"
beowuff Member since:
2006-07-26

If you look here:
http://openbsd.org/faq/faq1.html#Included
You will see that almost everything you mentioned IS included in a default install...
"...mail server.." - sendmail
"..a web server.." - Apache 1.3
"..a rescue system.." - Boot from CD and select Shell
"..a development system.." - Comes with a C and Perl compiler
"..all pourposes.. ..desktop workstation.." No such thing anywhere, though it does come with a web browser and X.

Reply Parent Score: 2

RE[4]: How?
by Doc Pain on Sat 3rd Nov 2007 03:42 in reply to "RE[3]: How?"
Doc Pain Member since:
2006-10-08

"You will see that almost everything you mentioned IS included in a default install..."

I see, thank you for this advice. The default install makes OpenBSD a good server for basic server functionalities (FTP, web, mail) and a development system, as long as you stick with the basic editor, but the compiler collection and the debugger are provided. For other uses (desktop environment, media player, gaming etc.), additional software needs to be installed.

Regarding the "all purposes one size fits all" approach:

"No such thing anywhere, though it does come with a web browser and X."

Most famous Linux distributions try to reach this goal, meaning the default install contains a lot of software. A similar approach can be seen in PC-BSD. The downside: Sometimes much disk space is wasted for software you never use... but hard disks are big enough today. :-)

Reply Parent Score: 1