|
|
|
|
|
|
by JCattheATM
37 days ago
|
|
|
It really is true. OpenBSD focuses on auditing. In many cases they were not affected because of mitigations, but because they were just using a different stack. OpenBSD wasn't affected by regreSSHion for example, for basically the same reason Alpine wasn't. OpenBSD didn't invent the concept behind W^X, and if you want to talk of 'copying', which I think is kind of silly personally, then PAX was first. I'm familiar with the list of OpenBSD innovations, and in turn I would point you to https://https://isopenbsdsecu.re/ for a breakdown of their claims and marketing. To this date OpenBSD doesn't have anything as simple as a proper ACL, let alone any type of MAC. They claim such systems are too complex, which is of course nonsense. It's like I said - they focus a lot on preventing an attacker gaining access, but have little available to constrain attackers who DO get access. |
|
|
This is partially true; there are numerous other things that are done for mitigation outside of this.