OpenBSD... sigh

[Ruben van Staveren <staveren%ronix.ptf.hro.nl@localhost>]

First, a littlw story, live and loud from www.oopenbsd.org

comments at end

OpenBSD
Changes Relative to other *BSD's.


OpenBSD looks a lot like NetBSD (which it is derived from, following
the 4.4BSD roots), but is now being developed seperately.  Good changes
from other free operating systems will be merged in (of course, depending
on various factors like developer time for example.)  OpenBSD tracks
NetBSD changes very closely; say anywhere between 2 days to 10 days
behind the state of NetBSD-current all the time.  Hence you can truly
say that OpenBSD is NetBSD <b>PLUS MORE STUFF</b>.



Various additions have been made. This is only a small partial list of
the major machine independent changes (ie. it is the most interesting
changes or what people ask about most often). Check the specific port
you are interested in for further details of that port -- many of them
have been extended too.

 - Many many NetBSD PR's fixed (which NetBSD has not yet fixed)
 - New curses library, including libform, libpanel and libmenu.
 - a termlib library which understands termcap.db, needed for new curses.
 - The FreeBSD ports subsystem was integrated and is usable by you!
 - ipfilter for filtering dangerous packets
 - better ELF support
 - nlist() that understands ELF, ECOFF, and a.out, allowing non-a.out ports
to use kvm utilies
 - Verbatim integration of the GNU tools (using a wrapper Makefile)
 - All the pieces needed for cross compilation are in the source tree.
 - Some LKM support in the tree.
 - ATAPI support (should work on all ISA busses)
 - new scsi, md5, pkg_* commands
 - Numerous security related fixes
 - Kerberos and other crypto in the source tree that is exportable
 - Solid YP master, server, and client capabilities.
 - /dev/*random -- a device driver providing some kinds of random data
 - In-kernel update(8) with an adaptive algorithm
 - Some ddb improvements and extensions
 - Numerous scsi fixes
 - ncheck utility for ffs
 - /sbin/init now deals with non-existant ttys, no longer spins gettys madly.
 - new system calls: rfork(), minherit(), poll().
 - select() that can handle any amount of file descriptors.
 - kernfs extensions
 - ATM support (support for one company's sparc & i386 cards available)
 - Boot kernels with "-c" to edit/enable/disable device configuration tables
 - pax as tar, gnutar is toast
 - using AT&T awk, gawk is toast
 - Even more security fixes.
 - Accepts FreeBSD MD5 passwords in password maps, soon will be able to
generate them too
 - Linux ext2fs and BSD4.4 LFS support being worked on.
 - Working ATAPI audio support for multiple architectures.
 - terminfo database support.
 - Fortran in the tree.
 - The most secure rdist support anywhere.
 - randomized port allocation in bind(), bindresvport(), and rresvport() --
security via unpredictability.
 - Protection from the udp spamming and ftp bounce attacks.
 - Significantly improved ftp daemon.
 - Numerous more security policy and implimentation improvements (OpenBSD
defaults to installing in a very secure mode)
 - zlib (non-GPL'd gzip-compatible library)
 - Newest version of pppd.
 - _POSIX_SAVED_IDS behaviour with permitted BSD extensions.
 - Fixed long-standing vm swap-leak.
 - FreeBSD malloc() that uses mmap() and is able to free unused memory.
 - Numerous FreeBSD userland fixes and improvements incorporated.
 - new rdisc Router Discovery daemon
 - generic protection against the bind() takeover problem.
 - at -f security fix.
 - install now supports -C, -p, and -S flags.
<!--  - a real adduser program, which can even be used uninteractively. -->
 - POSIX & C2 requirement; lose setuid/setgid bits if owner/group changed
by chown(). This can be turned off with sysctl.
 - partial protection against tcp SYN attacks.
 - added /etc/fbtab support to login & init.
 - RCS version 5.7
 - much newer join command (4.4lite2 with other fixes)
 - scsi subsystem security fix
 - Kerberos is much more silent if not configured
 - arc4-based random support in kernel
 - ncr53cXXX scsi scripts assembler
 - Numerous ftpd improvements and fixes, including multihomed support.
 - `lsof'-style features in fstat.
 - /bin/ksh (latest version of pdksh) with more fixes.
 - rudimentary support for ISA Plug-and-Play cards
 - Fixed timeout support in RPC library, and also fixed it to support more
than
FD_SETSIZE file descriptors.
 - improved locate command
 - a good start at NETIPX support
 - nvi version 1.76
 - gcc 2.7.2.1 (to get closer to native alpha support and fix a few other gcc
bugs).
 - latest version of perl, and a lndir command.
 - Even more security fixes.
 - cdio command for using CD audio. 
 - Kernel warns if /dev/console does not exist; nice warning for booting with
an
unpopulated /dev directory.
 - libgnumalloc is gone; our malloc() is better.
 - FreeBSD pipe() system call; quite a bit faster.
 - Some serial drivers support /dev/cuaXX devices for transparent
dialout+dialout, like in SunOS
 - DDB can now access symbol tables from LKM modules
 - Say goodbye to dump, restore, and mt security holes: They are no longer
setuid.
 - *Hobbit*'s netcat utility. The crackers use it, so should you.
 - YP can be compiled out of the system.
 - New routed (from SGI).
 - Almost complete in-tree development for MIPS/Alpha systems (ie. binutils).
 - ftp command modified for easily scripted ftp & http downloads.
 - And of course... more security related fixes.
 - $RSH environment variable used throughout for "ssh" users (ie. dump,
restore, mt).
 - vim is replacing nvi, since nvi does not have a pure BSD license, and vim
also works better.
 - 16 partitions per disk on i386 and sparc ports (yipee!)
 - Nice sample files in /etc
 - sendmail gecos hole fixed (in a number of ways; other programs in the
source
tree were also vulnerable.)
 - secure multicast tools against possible security problems.
 - latest GNU groff, incorporated in a clean wrapperized form.
 - use vim instead of nvi. vim has been extended to add many missing features.
 - mopd for networking booting Digital machines
 - less version 2.90
 - deal with the SYN bomb problem as well as currently known.
 - sendmail version 8.7.6.
 - Some more ftpd and lpd fixes.
 - MIPS shared library ld.so, soon to be others as well.
 - Another kerberos security fix.
 - Almost a hundred more security fixes (just in the last 3 weeks), including
a few more /tmp race conditions and more uses of snprintf and strncpy.
 - Compile time option to compile the source tree almost completely dynamic.
 - A 7% reduction in size of static binaries.
 - FreeBSD's adduser(8) command. Also an rmuser(8) command.
 - MD5/SHA-1 support in skey -- basically RFC 1938 One Time Password support.
 - We have completed security reviews of almost all userland programs and
libraries except for the gnu stuff (where, based on preliminary
inspection, poor handling of temporary files appears rampant).



This list only mentions platform-independent changes.  For a list of changes
made in a particular platform, please check the page for that platform.

OpenBSD/amiga

History and Status:


The Amiga port is basically the same as the NetBSD/amiga port
but with some additions. The major changes are:

 - New interrupt remapping system.
 - Support for using ISA peripherals via a bridgecard.
 - Supports GGBus+ (aka GoldenGate II) and CrossLink bridgecards
   (Neither of these support ISA DMA thus no PC floppy support)
 - Tested ISA devices are
    - com (Standard PC serial ports)
    - lpt (Standard PC parallel ports)
    - ast (AST 4-port serial card)
    - wd (IDE harddisk)
    - acd (IDE ATAPI CD, both data & audio support)
    - if_ed, although named if_isaed due to name clash
      (dp8390 based ethernet cards, like 3c503, NE2000 & SMC Ultra).

    Others should port easily as long as DMA isn't necessary.
 - SunOS emulation can use shared libraries on the '040

Projects (in no particular order):

 - Ramdisk device.
 - Make it possible to use the ADOS fs on vnds (virtual block devices)
 - Optimize the remapping interrupt system.
 - HP-UX emulation.
 - NCR SVR3 Unix emulation.
 - AMIX emulation.
 - Writable ADOSFS.
 - Test aic (Adaptec 1522) and boca (Boca's multiport serial cards).
The maintainer of the amiga port is Niklas Hallqvist 
<niklas%openbsd.org@localhost>

$OpenBSD: amiga.html,v 1.17 1996/09/02 15:43:22 deraadt Exp

Is this a stab in the back ??
what the hell is *so* wrong with NetBSD and NetBSD/amiga that
one of the core developers of NetBSD (Theo de Raadt) is moving 
towards (or doing it as a side project)

I obviously clames: this is NetBSD with more features and without the bugs

Why O why could these (kernel) changes not be integrated in NetBSD
they say OpenBSD will closely follow NetBSD-current. like riding the back
of someone else.

This really #######

No this sucks. why.

Ruben


-- 
 ____________________________________________________________
/___________________________ //_____________________________/| PGP Public
|  _             _        |\X/ Amiga is it, the rest is ... ||_  @ / Key on
| /_)     | /   /_'       |Email: staveren%ronix.ptf.hro.nl@localhost || \/##\ 
Request
|/  \uben |/an __/taveren |(A1230-882@50/14/500) tO tHE eND!||   ##/
|-----------------------------------------------------------||   ||`
|      "Quantum Physics:The Dreams Stuff Are Made Of.."     ||  _|\ NetBSD
| URL: http://www.ptf.hro.nl/~staveren  BrintaBBS: The Guru ||    / - 1.1 -
|           ---==* Invasion Of Our Piracy! *==---           |'
`-----------------------------------------------------------'