[wplug] A little BSD/Linux history question
Bill Moran
wmoran at potentialtech.com
Wed Feb 23 10:39:29 EST 2005

Zachary Uram <netrek at gmail.com> wrote:
> On Tue, 22 Feb 2005 16:43:23 -0500, Bill Moran <wmoran at potentialtech.com> wrote:
> >
> > I agree with pretty much everything else that Patrick said, with this
> > one addition:
> >
> > Simply having a lot of eyes look at the code will never match the
> > quality of OpenBSD. First off, their code review process is much
> > more than just "eyes on code" ... it's a concerted effort to identify
> > and correct coding practices that are known to be difficult to secure,
> > and replace potential problems before they are discovered. There's
> > a lot that's been written and said on "Proactive Security", which is
> > what they call this process.
> >
> > Additionally, OpenBSD has a number of things added to the kernel, which
> > other kernel developers often find dubious. Things that are specifically
> > added to increase security. Many other OSes won't use these things
> > because they can hurt performance and compatibility with some applications.
> > But OpenBSD puts security very, very high on their list of must-haves.
>
> Hi Bill,
>
> I see. So why isn't there a concerted effort by the Linux community to
> produce a highly secure distro akin to OpenBSD? I have the impression
> Bastille Linux does not follow the overall security methodology which
> you've elucidated.

1) I'm not sure that there isn't - I don't know everything about every
project out there.
b) If there's not, I don't have an explanation as to why.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com