Linked by Thom Holwerda on Tue 22nd Sep 2009 15:34 UTC, submitted by google_ninja
Linux During the roundtable discussion at LinuxCon this year, Linus Torvalds made some pretty harsh remarks about the current state of the Linux kernel, calling it "huge and bloated", and that there is no plan in sight to solve the problem. At the same time, he also explained that he is very happy with the current development process of the kernel, and that his job has become much easier.
Thread beginning with comment 385662
To view parent comment, click here.
To read all comments associated with this story, please click here.
Francis Kuntz
Member since:
2006-09-23

And Linux (or NetBSD/FreeBSD) runs terribly much better on my quad core home machine than OpenBSD ever will.

And OpenBSD have terribly less security holes than Linux.

You can bash OpenBSD for SMP performance, but they can do the same with security. OpenBSD is a pioneer with a lot of security features that has been implemented in other OSes few years after.

Reply Parent Score: 2

vivainio Member since:
2008-12-26


You can bash OpenBSD for SMP performance, but they can do the same with security. OpenBSD is a pioneer with a lot of security features that has been implemented in other OSes few years after.


Security is all about what applications you run, and how well the applications can be sandboxed.

Does OpenBSD have anything even close to SELinux, or is it just about using the old & bugfixed versions of the cherrypicked secure applications?

Reply Parent Score: 2

danieldk Member since:
2005-11-18

You can bash OpenBSD for SMP performance, but they can do the same with security. OpenBSD is a pioneer with a lot of security features that has been implemented in other OSes few years after.


Security, you mean the absence of a mandatory access control framework? Or even not a standardized kernel authorization framework like Linux and NetBSD (kauth) have had for years? I am a whole lot happier to use my webserver in a sandboxed SELinux or AppArmor environment, than on OpenBSD.

You know, security is not only about disabling every service in the default install and doing a proper audit. Those things help, but other UNIXes have far more preventive security measures. And companies like Red Hat have been pushing the envelope a lot.

Reply Parent Score: 2

Francis Kuntz Member since:
2006-09-23


Security, you mean the absence of a mandatory access control framework? Or even not a standardized kernel authorization framework like Linux and NetBSD (kauth) have had for years? I am a whole lot happier to use my webserver in a sandboxed SELinux or AppArmor environment, than on OpenBSD.

You know, security is not only about disabling every service in the default install and doing a proper audit. Those things help, but other UNIXes have far more preventive security measures. And companies like Red Hat have been pushing the envelope a lot.

Yes, thats why OpenBSD is used at Defcon for the network infrastructure, it's because Linux and NetBSD are so more secure ...

You can put all security features you want like MAC, if your os is full of security holes, it won't change anything. Anyway features like MAC are usually so hard to put in place that they are never used.

OpenBSD implement things that make the OS less vulnerable for attack by design.

You know, security is not only about adding some new crazy new security features that nobody use. Those things *can* help, but OpenBSD have far more preventive security measures like auditing, W^X, modified malloc, network stack using randomization, ProPolice etc. And project like OpenBSD and its security gurus have been pushing the envelope a lot.

Some reading for you http://kerneltrap.org/OpenBSD/SELinux_vs_OpenBSDs_Default_Security

Reply Parent Score: 2