|
|
|
|
|
|
by roryrjb
2540 days ago
|
|
|
The impression I got, and it's only an impression based on various blog posts, articles and mailing lists over the years, is that OpenBSD is the most secure operating system even though it's mostly programmed in C (and that they're not looking to replace that with Rust, et al) with mitigations like W^X and pledge, etc; and the fact that their code base is the smallest. I mean I know this is a wide and complicated area with different classes of bugs and vulnerabilities, but still I thought it was generally accepted. |
|
|
Linux does have a much wider user base, however, and that enables the community to even stumble across problems more frequently, while a smaller project like OpenBSD might have to orchestrate specifically-themed hackathons and auditing sprints (as they have). But I would take "security by choice" over "security as a byproduct" any day of the week.
Keeping in mind the breadth of resources that aspiring kernel hackers have access to when introduced to Linux, contrasted to OpenBSD's relative scarcity, it makes the latter quite the underdog success story.
(That is not to say that Linux or the larger of the BSDs is the product of monkeys randomly typing on VT100s -- there is considerable and commendable skill in these projects as well.)