BSDnewsletter.com

OpenBSD's record—one remote hole in the default install in nearly six years—is still far, far better than any other OS out there.

The eWeek article also has several comments from Theo de Raadt, including:

"We want to move to a model in 3.3 or 3.4 where all objects will only ever have execute or write permission, but never have both ..."

Read the article at eWeek.com.

RELATED INFO
ONLamp: Installing OpenBSD 3.1
Taking MicroBSD for a test run

Discussion

Software Updates on OpenBSD - Neil Brockman

Software Updates on OpenBSD
Neil Brockman - November 08, 2002 10:52:58
This is the kind of article that companies like Microsoft would pay for. It glows about nearly every aspect of the OS: installing, configuring, safety. However, the author evidently doesn't like the OpenBSD method of updating/patching via cvs. Personally, I think the update system of OpenBSD is one of its strongest features.

The author mentions that there are no pre-made programs that handle updates. True. However, the OpenBSD documentation is very clear about how to write some very small scripts (why they are packaged with the installation, I don't know) which make updating and patching a breeze.

The author mentions that doing a complete recompile can take a few (he says two, it takes us under two) hours. If you compare that downtime to the time spent waiting for other distributions to provide fixes for security problems, OpenBSD users are still usually days if not weeks ahead in resolving security issues.

BSD Links