by Joshua Branson — July 19, 2021
EDIT: This systematic review of OpenBSD security mitigations points out some inaccuracies in the following blog.
I will be honest. I have a little crush on OpenBSD. When I first learned about free/open operating systems, I knew that I wanted to use them. But in my early days of knowing nothing about computers, my limited research led me to the conclusion that I could choose one of the *BSDs or a GNU/Linux distribution.
When I was making my decision about which free/open operating system I wanted to run, I was intrigued by the code quality of FreeBSD, NetBSD, and DragonFlyBSD, and particularly by the "insane masturbating monkey" behaviour that results from OpenBSD's impressive design goals: security, robustness, tracking and implementing standards (ANSI, POSIX, parts of X/Open, etc.), and portability.
OpenBSD is known as one of the most secure, if not the most secure, operating systems in the world. It has pioneered many security-related features, many of which have been ported to the other *BSDs, including:
- W^X (write xor execute): you can either write or execute to a section of the hard drive but not both.
- secure replacements for strcpy and strcat, namely strlcpy and strlcat
- kernel randomization: the linker randomly relinks the kernel at every reboot or halt (this is awesome)!
- changes to malloc to use mmap, "which was modified to return random memory addresses…"
- privilege separation/revocation and chrooting of common applications
- removal of outdated or underused code. I read somewhere that they removed the Bluetooth support and are actively removing old or outdated syscalls. OpenBSD has some 300 syscalls and the other *BSDs have 400 to 500, though I cannot currently provide a reference for this.
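W^X is a rule about memory mappings: a page may be writable or executable, never both at the same time, so a program that needs to generate code at run time must fill the page while it is writable and only then flip it to executable. The following C program is an added example written for this post (it is not OpenBSD's code); it probes whether the running kernel grants a simultaneously writable-and-executable anonymous mapping, then performs the W^X-compliant write-then-flip sequence on a constructed byte pattern that is never executed. The errno values it treats as "refused" are an assumption covering OpenBSD and hardened Linux.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed sample bytes: an arbitrary pattern, not machine code. The
 * example only manages the page's permissions and never jumps into it. */
static const unsigned char sample_bytes[] = { 0xde, 0xad, 0xbe, 0xef, 0x00, 0x01 };

/* Probe: will the kernel hand out one anonymous mapping that is writable
 * and executable at the same time?  OpenBSD's W^X policy refuses this for
 * an ordinary binary (the mmap call fails); stock Linux permits it unless a
 * hardening module forbids it.  Returns 1 if RWX was granted, 0 if the
 * kernel refused it, -1 on an unrelated mmap failure. */
int rwx_mapping_allowed(void)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pagesz, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return (errno == ENOTSUP || errno == EACCES || errno == EPERM) ? 0 : -1;
    munmap(p, pagesz);
    return 1;
}

/* The W^X-compliant sequence: the page is writable only while it is being
 * filled, then flipped to read+execute before use, so there is no moment
 * at which it is both W and X.  Returns 0 on success, -1 on any failure;
 * the mapping is released on every path. */
int wx_compliant_fill(const unsigned char *data, size_t len)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    if (len > pagesz)
        return -1;
    unsigned char *p = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    memcpy(p, data, len);                                   /* W phase: fill the page */
    if (mprotect(p, pagesz, PROT_READ | PROT_EXEC) != 0) {  /* drop W, gain X */
        munmap(p, pagesz);
        return -1;
    }
    int intact = memcmp(p, data, len) == 0;  /* still readable, no longer writable */
    munmap(p, pagesz);
    return intact ? 0 : -1;
}

int main(void)
{
    int rwx = rwx_mapping_allowed();
    printf("simultaneous RWX mapping: %s\n",
           rwx == 1 ? "allowed (no W^X enforcement here)" :
           rwx == 0 ? "refused (W^X enforced)" : "probe failed");
    printf("W^X-compliant fill: %s\n",
           wx_compliant_fill(sample_bytes, sizeof sample_bytes) == 0 ? "ok" : "failed");
    return 0;
}
```

Run it on OpenBSD and on a Linux box side by side: the first line differs, the second succeeds on both, which is exactly why well-behaved JITs and loaders can live under W^X without needing an exemption.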
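The point of strlcpy and strlcat is not only that they stop at the buffer size but that they report, through their return value, how long the result would have been, so the caller can detect truncation instead of silently working on a cut-off string. The following C code is an added example, not OpenBSD's source: it reimplements the documented strlcpy(3)/strlcat(3) contract under the assumed names safe_strlcpy and safe_strlcat (renamed so they never collide with a libc that ships the real ones) and shows the truncation check a caller is expected to make, using a constructed 8-byte buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Contract (same as strlcpy(3)): copy at most dstsize-1 bytes, always
 * NUL-terminate when dstsize > 0, and return strlen(src), so that a return
 * value >= dstsize means the copy was truncated. */
size_t safe_strlcpy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize > 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Contract (same as strlcat(3)): append src to dst within dstsize bytes in
 * total, and return the initial length of dst plus strlen(src).  If dst is
 * not NUL-terminated within dstsize, nothing is written and the return
 * value is dstsize + strlen(src), which still reads as "truncated". */
size_t safe_strlcat(char *dst, const char *src, size_t dstsize)
{
    size_t dstlen = 0;
    while (dstlen < dstsize && dst[dstlen] != '\0')   /* never scan past dstsize */
        dstlen++;
    if (dstlen == dstsize)
        return dstsize + strlen(src);
    return dstlen + safe_strlcpy(dst + dstlen, src, dstsize - dstlen);
}

/* The idiom that replaces an unchecked strcpy: copy, then treat a return
 * value >= the buffer size as a truncated input to be rejected rather than
 * used.  Returns 1 when name fitted, 0 when it was cut short. */
int copy_hostname(char *out, size_t outsize, const char *name)
{
    return safe_strlcpy(out, name, outsize) < outsize;
}

/* Constructed 8-byte destination buffer used by main(). */
static char scratch[8];

int main(void)
{
    const char *inputs[] = { "openbsd", "openbsd.org" };   /* constructed inputs */
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int fitted = copy_hostname(scratch, sizeof scratch, inputs[i]);
        printf("%-12s -> \"%s\" (%s)\n", inputs[i], scratch,
               fitted ? "fitted" : "truncated, reject");
    }
    safe_strlcpy(scratch, "bsd", sizeof scratch);
    safe_strlcat(scratch, ".org", sizeof scratch);
    printf("strlcat result: \"%s\"\n", scratch);
    return 0;
}
```

The one-line check in copy_hostname is the whole reason for the return-value design: a strncpy-style call would leave you with "openbsd" and no way to know that ".org" was dropped, and possibly without a terminating NUL at all.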
Surprisingly, while OpenBSD strives to be secure, security is not necessarily the central focus, as lead developer and founder Theo de Raadt explains (I'm not certain if he actually said this):
Many people think that is about security. It is not. Largely, those standards are about accountability in the face of threat. Which really isn't about making systems secure. It's about knowing when your system's security breaks down. Not quite the same thing. Please count the commercially deployed C, B, or even A systems which are actually being used by real people for real work, before foaming at the mouth about it all being "so great". On the other hand, I think we will see if some parts of that picture actually start to show up in real systems, over time. By the way, I am surprised to see you list ACLs, which don't really have anything to do with B1 systems.
As to the second issue, I have no idea what a distributed kernel is, nor do I see how anything like that would improve security or quality of a system.
The OpenBSD developers are also prolific software authors: OpenSMTPD, httpd, doas (why doas?), sndio (a sound server), mandoc (a manual page generator), and probably lots of other cool things. I am currently using OpenSMTPD as my email server, and it's pretty awesome!
Also, there is some renewed interest in creating an FSF-endorsed distribution from the HyperbolaBSD project. They probably picked OpenBSD because of its amazing code quality and great documentation, BUT ALSO because OpenBSD is almost an approved FSF operating system already. OpenBSD does NOT include proprietary code in the base install, because this is a massive security vulnerability. So basically, I am now dual booting Guix System and OpenBSD, and I have my eye on HyperbolaBSD. I hope they are successful!
P.S. The OpenBSD installer was breathtakingly easy and painless! If you've got an old-ish ThinkPad lying around, you might want to give it a try.