A second remote hole for OpenBSD
Posted Mar 14, 2007 19:43 UTC (Wed) by ajross
In reply to: A second remote hole for OpenBSD
Parent article: A second remote hole for OpenBSD
It's useful in some cases. For instance with
OpenBSD. 2 remote holes in 10 years is pretty damn impressive. There
are no ifs, ands, or buts about it. [...] When compared to other
contemporary OSes, Linux security is pretty sad
I think you've been fooled by the marketing. That's 2 remote holes
in the default install. The default OpenBSD install, I
believe, is a bare host (albeit with networking enabled), and only
sshd listening on port 22. Comparing this metric to an unqualified
"Linux" as a whole is precisely the kind of poor analysis that I argue
the "Only N holes" marketing slogan encourages. If you're not going
to specify your target, the above really isn't anything but a nicely
worded fanboi flame.
Which brings up a good point, actually: how many remote holes have
there actually been in the kernel over the past few years? Does
anyone track this stuff on the Linux side? It's the "default install"
nonsense that gets difficult. Red Hat might issue an advisory for,
say, Apache, but that wouldn't count under OpenBSD's security metric.
Really, only kernel bugs and sshd issues are comparable.