I really should find some time to set up an OpenBSD environment.
2 years ago ยท ๐ steve_dracula
@clematis, I am fascinated by coherent systems, like Haiku and OpenBSD. These systems are designed to be highly integrated, and unlike Linux, identifying and solving a problem is much easier in most cases. Haiku is still in beta, and does not offer much in terms of security (but has wonderful UX and UI, has the spirit of BeOS and Classic Mac OS), but OpenBSD is complete and offers everything in neat command line utilities. And it is damn secure.
@tskaalgard, see my reply above. Linux is highly fragmented, and basically components held together via duct tape. Systems like Haiku, and OpenBSD to some extent, have the opposite philosophy,. ยท 2 years ago
@tskaalgrad For me it's the additional security features like `pledge` and `unveil` to block FS access and systemcalls. They are sandboxes enforced by the application developers after initlization. More effective then Docker/Firejail. Ex: Make webapps cannot read outside of it's resource folder. Audio server cannot make TCP connection. etc..
OpenBSD also randomly relinks the kernel and libc/crypto library per boot. So attackers cannot get a prebuilt binary and analyse it beforehand. ยท 2 years ago
What do you mean by "environment"? But yeah, imho, any time spent tinkering with OpenBSD is worth it. ยท 2 years ago