Thread replies: 199
Thread images: 9
Thread images: 9
Anonymous
BSD And Other Things 2016-07-30 20:22:05 Post No. 55837067
[Report] Image search: [Google]
BSD And Other Things 2016-07-30 20:22:05 Post No. 55837067
[Report] Image search: [Google]
File: Pufftron.jpg (54KB, 227x343px) Image search:
[Google]
54KB, 227x343px
/bsd/ - *BSD General Thread
Discuss FreeBSD, OpenBSD, NetBSD, DragonFlyBSD, FreeNAS...
IRC -- #baot @ irc.rizon.net
News: http://dragonflydigest.com - http://undeadly.org - http://freebsdnews.com
Ask questions, get answers.
>>
File: 1469880499828.png (3MB, 3000x2400px) Image search:
[Google]
3MB, 3000x2400px
>>55837067
Which of these four anime girls would you waifu? Dips on OpenBSD.
>>
>>55837067
Can i use mpv on them?
>>
>>55837157
Yes, there is a port of mpv to BSD.
>>
>>55837067
I can already hear Theo's voice in my head screaming explatives, but...
OpenBSD on a gen 2 Hyper-V VM? (uEFI). Is it possible?
>>
>>55837296
You're the same shitposter who comes to every single BSD thread. I'm just happy you changed your tactics.
>>
>>55837067
when will blakkheim stop sucking dick?
>>
>>55837585
bsd shitposters are many
because bsd is hipster horseshit. linux is too popular among the majority of computer nerds so some need to feel ultra special by using something that has no more reason to be around.
>>
>>55837635
>hipster horseshit
Popularity does equal quality. Dismissing it as hipster bullshit because it's not super popular is unfair.
>>
There's absolutely nothing to discuss, there's no reason to use BSD in the desktop and the reasons you people give when someone asks are completely ridiculous, as you don't use any of those features.
>>
>>55837294
OpenBSD can run on a VM, yeah.
But it's designed for bare metal.
>>
>>55837635
>hipster horseshit
>muh hipsters
see, you ARE one of them
>>
>>55838073
What real reason do you use BSD for (If you actually use it)?
>>
>>55838114
i've specified it a few times, i do it out of preference, not to go "hurrr i dont like linux because its popular"
i don't like linux because of what redhat is doing to it, i don't like it because the file hierarchy is a fucking mess and i have plenty of other reasons to not like it
>>
>>55837866
If you don't like it, why are you here?
>>
>>55838059
Right, and I'm used to running it bare metal. But I'd like to do some tinkering, and I'm running Hyper-V.
>>
when will you fags stop replying to the buttblasted arch hipster
you're just making him feel like a special snowflake again and derailing the thread
anyway, is OpenBSD any good as a hypervisor?
>>
>>55838059
wtf does that mean? it doesn't have qemu/xen drivers?
>>
>>55838164
>hypervisor
there's no hypervisor in openbsd, but its coming
>>
>>55838168
Oh, I've heard of people running it on Xen.
Don't run it on virtualbox, though.
>>
>>55837806
>>55838073
popularity isn't everything but when you see something that is older than linux slowly die over a few decades the thought that somethings wrong has to occur.
>>
>>55838170
oh well, I'm going to get called a retard but I'm trying to find a way to kludge slowlaris onto a laptop with no wifi drivers for it, plus I need a dedicated *BSD box
are there any on FreeBSD?
>>
>>55838222
I think bhyve is the FreeBSD hypervisor.
I'm not familiar with how all that virtualization stuff works, but I think that's the right direction.
>>
>>55838144
>Preference
Good to hear. It's funny when a vocal minority of BSD users try to pick a fight with Linux for no actual reasons
>>
>>55838195
why? even in headless mode gives problem?
>>
>>55838273
For whatever reason, the resolution doesn't go above 1024x768 in virtualbox.
Virtualbox also does weird shit to the memory, so the virtual console's background randomly turns red for some reason.
>>
>>55838299
so using it only on a ssh connection should be ok? isn't it a server os? why should I need a GUI?
>>
>>55838243
nice, I'll have to go take a look at it
was also considering SmartOS which is a straight Solaris derivative with KVM, BSD would probably be much more useful by itself though as far as the application base goes
>>
>>55838354
>so using it only on a ssh connection should be ok
yes
>isn't it a server os
it's pretty general purpose
>why should I need a GUI
to use it as a desktop, you can choose to not install X during the install
>>
>>55838390
I already use linux as a desktop os, isn't it better? in the previous thread someone said BSD's browser performance is not so great...
also I've always heard good things about BSD networking, filesystems and other not-desktop components
I'm autistic but not so much
>>
>>55838588
firefox performs well enough here
dont know about chromium
don't listen to the shitposting retards, obviously
>>
>>55838603
>inb4 ENJOY YOUR BROWSER OS SENPAI
>>
>>55838724
>implying any desktop os isn't a browser os
>>
>>55838724
isn't it funny that they claim it's a browser OS then they claim you can't browse the internet on it
>>
>>55838773
Wait BSDs have wifi drivers?
Nice progress haha so proud
>>
>>55838836
It's good to see them being ahead of the curve
>tipping levels at maximum
>>
Preparing my anus^H^H^H^H VM
>>
>>55838170
>but its coming
INNOVASHUN
>>
>>55840679
can you fuck off
>>
>>55838164
It's funny, I might be wrong but if memory serves BSD threads used to be FreeBSD and OpenBSD users flaming each other. Now it's pretty peaceful trying to fight off a few GNU/Linux shitposters.
>>
>>55840733
why are you against openbsd innovating?
>>
>>55837087
I like how no one replied
>>
>>55840815
What's that supposed to mean?
>>
>>55837067
LMAO BSD is a useless piece of shit.
There exists ZERO practical reasons to use it, even in a virtual machine
>>
>>55840743
> if memory serves BSD threads used to be FreeBSD and OpenBSD
try one freebsd autist shitting on openbsd for no reason
>>55840815
the art's pretty bad desu
>>
File: c905069c92e112cb933569e10c9ef2e1.jpg (13KB, 236x243px) Image search:
[Google]
13KB, 236x243px
>>55840842
Lets see...
Packet Filter
CARP
Oh, and the BSD network stack being the gold standard for how long?
>>
>>55840903
Lol what the fuck are those, get some AMD drivers first lmao
>>
File: asiabsdcon.jpg (83KB, 533x727px) Image search:
[Google]
83KB, 533x727px
>>55840871
actually here's a better picture
>>
>>55840910
> Assblasted AMD fanboy
> No real world experience
Come back when you have a clue of what you're talking about, kthxbai...
>>
>>55840913
Do you have one for OpenBSD?
>>
>>55840938
nope, unfortunately that's the only one i could find actually drawn by a japanese artist
>>
>>55840949
Well fuck. That's pretty good art and I was hoping the other BSDs would have one as well.
>>
>>55840929
Yeah, come back when you can actually run your toy OS in a real desktop autistic retard.
>>
>>55840956
and it's funny that there's so much focus on the daemon-tan because JNUG stands for Japanese NetBSD User Group
>>
>>55840971
>toy OS
>autistic retard
Anon, you should really try to get out of your parents basement once in a while. There's a whole world out there to experience.
>>
>>55840929
>real world
>no drivers
top fucking kek
>>
>>55841061
why are you spreading FUD
you know damn well there are radeon BSD drivers
>>
File: screenshot-forums.pcbsd.org 2016-07-31 10-53-15.png (302KB, 1206x1674px) Image search:
[Google]
302KB, 1206x1674px
>>55841033
BSD is a toy OS, no one actually uses it. I tired PC-BSD in VMWare a while ago.
The fucking (Xfce) system freezes at boot. Doesn't even have any drivers I was looking at the forums and apparently that's to be expected
>>
>>55841113
that's because PC-BSD is shit
take all the bad things about linux and stick them on FreeBSD and you have PC-BSD
the thing even comes with GRUB, for fuck's sake
>>
>>55841113
If you hate BSD, why are you here? You're just here to shitpost and you know it.
>>
>>55841123
PC-BSD is FreeBSD
>>
>>55841136
that's why i said "stick them on FreeBSD"
>>
>>55841144
Does it even have any Live ISO?
>>
>>55841156
i don't even think so
>>
>>55841123
>>55841136
Why does PC-BSD even exist?
>>
>>55841123
>PC-BSD is shit
>the other pieces of shit are great tho
>except freebsd is untested because it's a toy for applecucks
>and netbsd only works on toasters
>and openbsd is busy copying^Winnovating so nothing actually works
backpedaling every time!
>>
>>55841178
Because some people don't have the time to compile desktop environment
>>
>>55840842
>There exists ZERO practical reasons to use it
>>55840903
>practical reasons in networking
>>55840910
>WTF is networking useless because no AMD drivers
>>55840929
>confirmed basement dweller
>>55840971
>but muh desktop OS
>>55841033
>Get out of your parents basement
>>55841113
> BSD is a toys OS because I couldn't make it work
Got it, you're a fucking idiot. Pull down OpenBSD and configure packet filter for a firewall, with CARP for redundancy.
And before you scream "But muh desktop!" remember, nobody else said anything about BSD just on desktops...
>>
>>55841178
I don't even know, I think it's iXsystem's poor excuse for an OEM operating system.
>>55841181
>backpedaling
Oh it's you again, fuck off. The mods have deleted your posts a few times, don't you get it?
>>55841195
You don't have to compile them.
>>
>>55841215
I think PC-BSD is the linux mint of BSD. It comes with a GUI installer because a few terminal commands apparently scare people.
>>
>>55841211
>obody else said anything about BSD just on desktops
Nice backpedaling see >>55838390
Stay mad haha
>>
>>55841227
Well at least Linux Mint doesn't have a poor excuse of a YaST clone that sticks out like a sore thumb.
Did I mention that FreeBSD allows you to use UFS instead of ZFS (which is recommended on a desktop) but PC-BSD doesn't let you do it?
>>
>>55841246
Are you on ZFS right now?
>>55841181
This is a post from 2005 and see how it came true
Comparing Gentoo Linux, Windows XP Pro, and FreeBSD, I’d definitely have to say that FreeBSD sucks royally. Windows XP Pro and Gentoo Linux both rock, but in different ways; Gentoo Linux offers exceptional command line and configuration options, and is very very fast, whereas Windows XP Pro is untouchable in terms of its GUI and the quality of the software that runs on it. My experience with FreeBSD has been disappointing and a complete letdown, particularly after the hype I’d read about it (for example, “If Yahoo! servers use FreeBSD, it must be a good OS”). Besides the crappy colorless default shell, many of the ports are broken. My opinion, stick with using both Gentoo Linux and Windows XP Pro for desktop applications (on a dual-boot, combining them with VMware); If using a server, go with Gentoo Linux, for its exceptional speed. Windows servers are easy to set up but suck in terms of speed. FreeBSD may be a good server OS, but it’s such a lousy OS in general, that I wouldn’t want to waste any more time with it.
I won’t even comment on Macs, since they suck even more than FreeBSD. In fact, I think Mac OS is possibly the worst OS ever. It’s like Windows for dummies, but worse, because it’s built on top of the crappy BSD kernel.
In conclusion, FreeBSD is dead. Apple OS is a joke which is only taken seriously by the computer illiterate and mentally challenged. Gentoo Linux and Windows are the future.
>>
Why doesn't OpenBSD believe in MAC? Isn't it sort of short-sighted to believe no software will ever contain bugs?
>>
>>55841278
OpenBSD is stubborn to implement features they find overly complicated that will make auditing difficult. A MAC like feature called pledge is coming soon. They like the idea of MAC, but want to implement it in a simple way.
>>
>>55841241
>isn't it a server os
>it's pretty general purpose
You might want to re-read that...
But it's alright, Anon, you can be wrong. I'm sure your parents still love you.
>>
>>55841270
>Are you on ZFS right now?
I use OpenBSD, so no.
>>55841278
Because MACs are so inconvenient that people just turn them off, defeating their whole purpose.
>Isn't it sort of short-sighted to believe no software will ever contain bugs?
What? When did they say that? The entire point of the mitigations in OpenBSD is to crash those buggy programs before they do any damage. W^X as of OpenBSD 6.0 will be enforced so hard that you'll have to allow specific partitions to violate W^X (pretty much only /usr/local since that's where all the third party stuff is).
>>
>>55841270
>Besides the crappy colorless default shell
this alone is a crime against humanity
>>
>>55841294
Aww your're so cute when you get cornered
>general purpose
>Somehow it's not desktop
Linux runs on servers
Linux runs on desktops
Linux runs on mobile phones
Linux runs on routers
No reasons to use BSD
>>
>>55841293
>features they find overly complicated
Are they incompetent?
>>
>>55841299
It's simple though.
BSD competes with Linux
Linux competes with Windows
Makes you think, doesn't it?
>>
>>55841333
>Linux
Yes, and it runs the BSD network stack.
>general purpose
>Somehow it's not desktop
You should really get your eyes checked
>And before you scream "But muh desktop!" remember, nobody else said anything about BSD just on desktops...
>>
>>55841293
From what I've read about pledges, they're absolutely nothing like MAC and more like discretionary capability dropping. (A direct contradiction of the “mandatory” part of mandatory access controls)
That said, I still like the idea of programs dropping privileges as much as possible, and pledges extend that privilege dropping to syscalls - but the sad part about it is that it requires source-level software support, which is an unreasonable assumption to make for general software. (Especially cross-platform software)
>>55841297
>What? When did they say that?
Isn't the entire OpenBSD philosophy pretty much “all we have to care about is writing code that's as hard as possible to exploit”? As far as I can tell there's no or little contingency plan for dealing with software that *is* exploited, which is what MAC or auditing subsystems provide. (i.e. assume firefox gets 0dayed into running arbitrary code -> what damage could it do to your system?)
>W^X
Doesn't ROP make W^X almost entirely useless? (Although I know that e.g. PaX actually has ROP prevention)
>>
>>55841362
>General purpose OS that's not meant for desktops
I like your mental acrobatics. More please hahaha
>>
>>55841356
No, it's called sane design. See post here >>55841297
It's why all their programs like pf have a simple configuration syntax.
>>55841372
>Isn't the entire OpenBSD philosophy pretty much “all we have to care about is writing code that's as hard as possible to exploit”?
Part of it is writing good and clean code, yes, but it's not the only part of it. Obviously, from good code comes good programs that do what they're supposed to.
W^X isn't the only mitigation either. There's ASLR and there's stack-smashing protection built into their own GCC. I believe ASLR should prevent ROP, no?
Note however that OpenBSD never claimed that these were their ideas, contrary to what that shitposter wants you to believe. All OpenBSD did is enforce them and force their users to use them. This results in patches that improve code that eventually get sent upstream.
>>
Just switch to Linux already
>>
>>55841482
/thread
>>
>>55841482
>>55841531
replying to yourself is bad form
>>
>>55841357
>BSD competes with Linux
What? Linux dominates, there's no competition.
>>
>>55841541
Nope
>>
>>55841455
>I believe ASLR should prevent ROP, no?
Not necessarily. Due to the nature of use-after-free, reference corruption or pointer leaking bugs, it's often possible to find the right address base, which again enables you to use a ROP program.
See e.g. https://www.evonide.com/how-we-broke-php-hacked-pornhub-and-earned-20000-dollar/ for a recent example of an attack that used ROP to attack a system which has ASLR enabled. SSP is also helpful , but it too has work-arounds.
In summary, both ASLR and SSP just reduce the attack surface, but they are not bulletproof defenses. (And I assume the same is true for PaX's ROP prevention)
>>
I want to give BSD a try but I am not sure my wifi would work ootb$ lspci -k | grep -i Network
02:00.0 Network controller: Broadcom Corporation BCM43142 802.11b/g/n (rev 01)
>>
>>55841633
>broadcom
ouch, i don't think it will, anon
>>
>>55837635
Besides, Linux is a true UNIX.
>>
>>55841683
wow that's an epic meme that you posted a day ago
>>
File: 1459650740478.jpg (31KB, 433x419px) Image search:
[Google]
31KB, 433x419px
>>55841647
Into the trash
t. Linux shill
>>
>>55841649
you really don't know what that word means, do you
if anything you're backpedaling, not me
>>
>all those deleted posts
based janitors
>>
>>55841616
It does that all by itself.
>>
>>55841736
there are people who fall for his memes though unfortunately
>>
You did good janitors. You did good.
>>
BSD has good security. They have a good trick. Nothing actually works in BSD, reduces the attack surface
>>
>>55841778
https://archive.rebeccablacktech.com/g/?task=search&ghost=&search_text=++++BSD+has+good+security.+They+have+a+good+trick.+Nothing+actually+works+in+BSD%2C+reduces+the+attack+surface
autism
i miss angela, at least the shitposts were original
>>
I would run OpenBSD on servers but the only reason holding me back is updating, it's a pain in the arse to update OpenBSD on multiple instances while it's so easy with FreeBSD/Linux.
Anyway it's a nice OS but lack some stuff that would make life easy.
>>
>>55841787
The FreeBSD MUH JAILS shitposter was decent. Jails and MAC are not the end all security and I think that OpenBSD implements their own version well.
>>
>>55841791
look up m:tier
it's a binary patching service run by openbsd devs
>>
>>55841799
>The FreeBSD MUH JAILS shitposter was decent.
hell no, he'd always post the same blogs written by some tranny troll
>>
>>55841778
This
>AMD won't work
>Steam won't work
>WiFi won't work
>Vulkan won't work
>VMWare won't work
>KDE5 won't work
>Meant for GUI less (server use) only, it even struggles there with Linux
BSD = Dead
>>
>>55841820
Oh, that was him? Damn, forgot about that blog he would always link to. Might have been thinking about a different shitposter.
>>
>>55841803
Yea, OpenBSD is currently running my DNS stack works perfectly.
I'll look into it :)
>>
>>55841834
what is it about these threads that attract the worst of the worst autistic people though
they literally do nothing but post in here all day to tell us they don't like something
>>
>>55841787
>Actually memorizing archive links
A U T I S M
>>
>>55841848
Wasn't this the article in question? https://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/
How accurate is it? Is jails and MAC really the most important thing in security?
>>
>>55841787
>Goes and shitposts on /flt/
>Gets assblasted
>Calls others autists
kek
>>
>>55841855
lol what
do you not know what copying and pasting is
>>55841859
nope, make sure to look at his other articles too, the results may be shocking
he'd also post trollaxor
>>
>>55841787
>missing a tripfag
>>
>>55841787
He's not wrong though
>>
This thread would be better if BSD fags didn't try to throw shit at Linux fags.
Now enjoy all the shitposts
>>
>>55841629
>I forgot to mention that it also has PIE, but it seems like that's yet another extra layer that can be broken.
In this context there's not really a distinction between ASLR and PIE. Rather, PIE is a requirement for ASLR.
ASLR = address space layout randomization = picking random values for the start of stack, start of program, mmap etc. regions
PIE = position independent code, which is what's required to alter the “start of program” address.
You can do a limited form of ASLR without PIE (by moving the stack but not the program) but that's essentially useless in the context of preventing ROP.
>>
>>55841874
wasn't me, all im doing is proving that someone is autistic enough to look for any mention of bsd to post the same shit every time, i wouldn't be surprised if that guy went into that thread just to say "BSD is better" and lure him out
he's like a certain poster who's obsessed with my little pony and barney
>>55841890
t. the shitposter
>>
>>
>>55841895
What shit? You're the ones who come here to shitpost.
>>
>>55841900
Oh, well from what I understand, it seems like they'll implement SROP protection by default in 6.0, and from my understanding that's only one form of ROP.
They'll also randomize libc symbol order on every boot, which should also do something to mitigate that from my understanding.
>>
I'm a masochist and looking for a new form of self torture. Should I install and use BSD?
>>
>>55842023
Install NetBSD
>>
>First they ignore you, then they laugh at you, then they fight you, then you win.
Feels going being in stage 3. Once the few Anti-BSD autists fuck off, BSD can thrive on /g/ along with GNU/Linux.
>>
>>55842074
I don't think you never got past stage 2
>>
>>55842023
install LFS
>>55842027
or that, since the installer is awful
>>55842088
>I don't think you never got past stage 2
thanks, we know
>>
Can I install BSD* on my raspberry pi
>>
NetBSD has a port, I believe.
So does FreeBSD, but that's more of a toy.
Check both out in VMs before making the jump.
>>
>>55842100
Don't worry, /bsd and other things/ will get shitpost less and less as this thread becomes more common.
>>
File: 1468982096849.jpg (120KB, 392x495px) Image search:
[Google]
120KB, 392x495px
>linux actually has shills now
Must be NSA trying to keep us away from more secure BSD.
>>
>>55842387
No, just a few shitposters who think this board should be GNU/Linux only.
>>
>>55842387
Or Red Hat shills, or Arch/Gentoo users afraid that they won't be the specialest snowflakes on the board anymore if a BSD community picks up speed on /g/.
>>
>>55842904
>Or Red Hat shills, or Arch/Gentoo users afraid that they won't be the specialest snowflakes on the board anymore if a BSD community picks up speed on /g/.
you see this is what i understand
one thing they reproach us is by calling us hipsters, we can't like an operating system at all
if i was a hipster i'd be using plan 9
>>
>>55843415
*what i don't understand
sorry, fucked that up
but yeah i think part of the reason is because people actually started taking stallman seriously around these parts, remember when /g/ used to make fun of him? that's the entire point of the gnu/linux pasta
>>
>>55842904
Nice projection mactard
>>
I love having OpenSSH and nice TCP/IP, thanks BSD people!
Without you I'd have to use GNUTLS and telnet!
>>
>>55843506
>GNUTLS
the horror
>>
>>55843415
If you were a hipster you'd be using eCos.
>>
I was browsing the mailing lists and found this.
http://marc.info/?l=openbsd-misc&m=124423955820367&w=2
How neat, had no idea it was possible. Someone needs to develop a SSH based VOIP solution.
>>
>>55841388
Linux isn't mean to desktops too, anon, they do exactly the opposite of what sucessful desktop OS normally does
>>
>>55837087
I like dragonflybsd the best. Hammerfs is really great and she can hammer my cock if you know what I mean
>>
>>55845844
No what do you mean
>>
>>55845844
Lelz
>>
>>55845844
How does HammerFS compare against ZFS or btrfs?
>>
Which works better in a VM, FreeBSD or PC-BSD? I want to try it out before considering installing.
>>
So I saw that SPARC64 gained bootable full disk encryption support in OpenBSD, is it just that and x86(_64) now? Or have any other platforms gained support?
>tfw no PowerBook G4 running OpenBSD with full disk encryption
>>
Why would anyone use OpenBSD? It's an insecure piece of shit, chroot is shit compared to jails which cannot be escaped from guaranteeing safety. Even worse, it has no mandatory access control. What a joke of a security distro.
>>
>>55848900
Security's not the sole reason to use OpenBSD, anon.
>>
>>55838114
systemd
>>
>>55848917
OpenMEMEsd prides itself on being security focused when FreeBSD is far more secure. The autists who manage OpenBSD won't even implement jails or MAC that would guarantee no intrusion.
>>
>>55839663
plebbit
>>
>>
>>55848992
https://vez.mrsk.me/freebsd-defaults.txt
>>
>>55848992
>OpenMEMEsd
holy fuck it's been a whole year since i last heard that
>>
>>55848884
http://man.openbsd.org/OpenBSD-current/man4/softraid.4
>Boot support is currently limited to the CRYPTO and RAID 1 disciplines on amd64, i386, and sparc64 platforms.
nope
>>
>>55849516
Holy shit, I didn't know FreeBSD security was that bad.
>>
>>55842387
joking aside Linux is compromised hard according to Assange
and then there's systemd which is basically a botnet...
>>
>tfw one of the devs are reading this very thread
i know who you are
i only ask of you, what do you think of the autism here
>>
>>55851018
Soure on both?
>>
>>55850156
Damn, that sucks
>>
>>55851135
Well at least they have that information in the man pages so you don't get burnt trying it on an unsupported platform.
>>
>>55837294
It'll run, video will be shit because of a lack of drivers though.
>>
>>55849516
TL;DR?
>>
>>55851604
freebsd doesn't care about security despite the fact that it's intended for servers, which is inexcusable
some of it is because of "muh backwards compatibility" which is a terrible way of developing software, some of it just feels like they're doing it because they can (ssh)
>>
>>55851616
What about the autist going on about MUH JAILS and MUH MAC?
>>
>>55851633
he's retarded and he's been doing that for at least a year
he thinks it's the ultimate security measure, when it's in fact just one method
jails don't save you from terrible defaults and buggy SSL implementations
MACs are so inconvenient that people just turn them off, as soon as people run into a problem with SELinux they just turn it off, that's a fact
the really funny thing is he says it "guarantees no intrusion" when no security measure on the planet can even do that, especially MACs which are just fancy permissions and don't even relate to system access
>>
>>55851709
What is so great about jails the autist keeps going on about? I thought chroot was fairly good.
>>
>>55851616
Also, a lot of their core software runs entirely as root, with no concept of dropping privileges (as has been done in the software world for decades).
This lands them in a funny situation right now: their tool to update the base system for security fixes is itself vulnerable to multiple public exploits. Trying to patch a FreeBSD system today can ironically result in a root-level compromise of your system.
Bad design decisions all throughout their development cycle. It's worth a read.
>>
>>55851735
i'll admit, jails are attractive
think of it as a virtual machine that doesn't take up as nearly many resources, the only resource it shares with the host is the kernel
the jail itself runs its own processes, has its own users, has its own IP address, you name it
unfortunately that also means that if a kernel exploit exists that probably would fuck up the jails really hard, making the whole thing moot in the first place, that's just a theory, of course
what fucking good is a jail if the freebsd security officers were too retarded to put ASLR in until THIS year? something even MS has been doing since around windows xp/vista? this is why you'll usually hear theo give some praise to MS before giving some to freebsd
>>55851742
the ports system also runs almost entirely as root, the openbsd one is privsep'd
im pretty sure most network daemons aren't privsep'd either to this day, hell, they probably still run Xorg as root
>>
>>55851790
And OpenMEMEsd has easy to escape chroot "jails" while FreeBSD jails cannot be escaped from. I don't see a FreeBSD kernel exploit happening anytime soon, it's secure.
>>
>>55851840
>FreeBSD jails cannot be escaped from. I don't see a FreeBSD kernel exploit happening anytime soon, it's secure.
i hope to god you don't write software
what a terrible, boneheaded way of thinking
>>
>>55851840
>OpenMEMEsd
epik
>>
Which BSD is better for someone who has linux experience but no BSD, Free or OpenBSD?
>>
>>55851881
OpenBSD comes with Xorg.
>>
>>55851886
How well does OpenBSD run in a virtual machine? Does it run okay at the very least? I'm not going to do anything heavy, I want to just try it out.
>>
>>55851893
Runs in virtualbox for me, just can't go over 1024x768 with it. I don't know why that is.
Maybe it works better with vmware, since there seems to be a vmware video driver and all.
>>
>>55851917
>virtualbox
>vmware
why the fuck
just use KVM/qemu
>>
>>55851996
isn't virtualbox partly based on qemu anyway?
>>
>>55851790
>ASLR
FreeBSD still has no ASLR. There's an in-development patch for minimal ASLR (no W^X or anything else) but it has not been committed.
https://www.freebsd.org/news/newsflash.html#event20160727:01
What's more, their plan for ASLR is to introduce a very weak (or "non-aggressive" as they call it) implementation.
It's really sad how poorly they handle all aspects of security.
>>
>>55852103
Oh wow, and to think I was proud of them when they announced ASLR, I thought it would've been part of 10.3.
I don't know how you can call yourself a server OS if very basic stuff like that still isn't implemented.
They should really just stop giving a shit about backwards compatibility and break everything by aggressively introducing security features.
>>
>>55851917
I'm a bit confused about release vs stable. I understand that current is a development branch, but should I go with release or current?
>>
>>55852127
Release is OpenBSD as it was released, basically.
-stable is -release+patches, you usually do that manually, rest assured that i tend to use -release systems and they work. some of these patches aren't published on the errata page because they aren't considered priority, so -stable gets a few more patches
-current is bleeding edge, but I always found it hard to maintain.
>>
>>55852103
Oh, and did I mention it still uses Sendmail?
All you need to know about Sendmail is that it was developed during an era where no one cared about security.
>>
So if my understand of OpenBSD is that there is no stable ISO of OpenBSD, just release and I have to either manually download patches or switch to the stable branch and let OpenBSD handle the patches, yes?
>>
>>55852246
Exactly.
But release is good enough for most. CVS is just so shit that I just download the -release source tree and I manually patch it if I really need to.
>>
>>55852266
What's wrong with CVS and ports?
>>
>>55852281
Never said anything was wrong with ports, don't use them unless you know what you're doing though.
CVS is just an unwieldy piece of shit in general. It's slow, and commands have like 60 flags.
>>
I'm thinking about installing FreeBSD. Are derivatives like PC-BSD and GhostBSD even worth my time?
>>
>>55852927
Do you want your computer owned within five minutes of installing? Stay away from FreeBSD if not. See >>55849516
>>
>>55852987
Are netflix servers owned already ?
Don't think so
>>
>>55852987
It doesn't feel fair not trying out FreeBSD before criticizing it.
>>
>>55840815
That's because they're all shit
>>
>>55853244
There needs to be better anime girls for *BSD
>>
>>55853267
Agreed.
>>
>>55852246
well if youre not a reddit tier sysadmin you get paid to do shit like this. and if you're using it at home and this is your complaint, just use a fucking mac faggot. gives you more time to play games manchild.
>>
>>55853755
wow, rude
>>
File: daemonettebsd.jpg (485KB, 682x1024px) Image search:
[Google]
485KB, 682x1024px
>>55853267
BSD has no need of drawings faggot
Thread posts: 199
Thread images: 9
Thread images: 9