BSD derivatives
Chad Perrin
perrin at apotheon.com
Sun Jun 3 07:20:28 UTC 2007
On Sun, Jun 03, 2007 at 09:15:22AM +0300, Manolis Kiagias wrote:
> Chad Perrin wrote:
> > I'm not saying that's what the OpenBSD project does. I'm just saying
> > that, for instance, the availability of the ath driver contradicts a
> > claim that security is a top priority of the FreeBSD project. Only if
> > it was installed and operational by default would that really be the
> > case.
> >
> > Obviously, I'm assuming it's not installed by default. From what I've
> > read so far, it's not -- please correct me if I'm wrong.
> >
> >
> Actually to set the record straight, the ath driver is installed by
> default in 6.2 RELEASE.
> Installed by default meaning the card is recognized during FreeBSD setup
> and the user is able to configure it immediately from sysinstall.
> The ath driver was also present in 6.1 RELEASE (and maybe earlier?)
> although it had to be manually activated as a kernel module and it was
> not immediately obvious it was supported since it was not present in
> sysinstall during setup.
That still sounds like it's not "installed by default" in the sense that
I meant it. By "installed by default", I mean you install the system
and, without even knowing it (or making a decision), you discover you
have a closed-source driver in your system.
> Although the whole security issue is of course highly debatable, don't
> forget how much more secure FreeBSD (or other open source OSes) are
> compared to proprietary systems. I've been (and still am) a competent
> Windows 200X server admin for years and have seen oh so many holes. Mind
> you, most of them actually get exploited. It is nowhere near this in
> FreeBSD.
One of the keys for this is the fact that they're open source software,
of course. To the extent that something like the ath driver is part of
your system whether you want it or not, that additional security benefit
is reduced. I'm just trying to differentiate between closed source
software that affects system security and closed source software that
doesn't -- because anything that isn't actually running doesn't affect
security (all else being equal).
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Leon Festinger: "A man with a conviction is a hard man to change. Tell him
you disagree and he turns away. Show him facts and figures and he questions
your sources. Appeal to logic and he fails to see your point."
More information about the freebsd-questions
mailing list