Author: "Perry E. Metzger" <perryat_private> Date: Mon, 27 Jul 1998 23:21:20 -0400 ID: <199807280321.XAA08929at_private> > > While I'll agree that this is a very lame bug (in the sense > > that it shouldn't exist), one can hardly call it an exploit. > > Dunno. If your ISP was running on OpenBSD it would be pretty damn > annoying. Sure, annoying, but an exploit? Is BugTraq going to start publishing all local attacks and crashers? > Personally, I find the constant claims that OpenBSD is more secure > than FreeBSD and NetBSD annoying. We all do extensive security > work. This is just another example of a fairly common situation -- in > which OpenBSD has a bug that other BSDs don't. Sometimes it is the > other way around, too, but you'd think from the propaganda that it was > always, or even usually, OpenBSD that was the most secure system. I've seen a lot more exploits for Free-/Net- BSD posted to BugTraq than for OpenBSD. I haven't seen any remote exploits for OpenBSD in recent memory, nor any root exploits local or remote. Saying that this _one_ example "proves" that OpenBSD is not more secure than Free-/Net- BSD doesn't really seem rational. TjL -- I go offline on 31 July 1998 Mail delivered to "luomatat_private" will eventually be read, but I can't promise how many days/weeks/months it will be.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:09:08 PDT