1. 32

  2. 11

    We suck at webpages too.

    1. 5

      Whenever I see an OpenBSD web page in Comic Sans, I know to pay attention.

    2. 5
      1. 1

        Thanks, should’ve searched first. Can an admin delete it?

        Also, a suggestion for the duplicate searcher: try to detect the /index.html at the end and look for the base URL

      2. 3

        What’s the current philosophy toward MAC? OpenBSD has a far smaller attack surface than Linux, and kernel code undergoes a higher level of scrutiny, but I need to run a lot of internet-facing services, and I know there are almost certainly ACE vulns in all of them. Do the OpenBSD devs view MAC as a stopgap necessary for countering the ease of privilege escalation, and that effort is better spent focusing on preventing vulnerabilities from coming to fruition at all?

        PS I would love to see ZFS support! (and I understand it would be a significant undertaking)

        1. 3

          for ZFS I would point to one slide in particular: http://quigon.bsws.de/papers/2015/asiabsdcon/mgp00021.html ;-)

          1. 2

            I absolutely agree that it is complex. And there is very little that I am more certain about than the correlation between complexity and bugs. However, the complexity that it encapsulates is complexity that operators are frequently faced with implementing on their own on top of the filesystem, and usually in a more bug-prone manner due to the time constraints and understaffing often present in management of production systems.

            Complexity is part of life. In and of itself, it is meaningless. Less software complexity means that it will almost always have fewer bugs, but that users may need to compose more layers in order to achieve the proper mapping to the problem space - resulting in identical complexity, and perhaps proportional total bugs. Too much complexity in one layer will absolutely make life harder, but that distinction needs to occur on a per-usecase basis. Often, ZFS is too much complexity, which is why it’s a great idea to retain a VFS so you may use FFS instead (and should unless you have a real reason to switch)! But for many people who professionally manage files and processes that interact with them, the complexity of ZFS is a godsend, and lets them focus on more interesting problems than they would need to solve themselves if ZFS did not for them.

            I also agree that the ZFS license is unfortunate :/