Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Dec 2009 09:55:40 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        Anton Shterenlikht <mexas@bristol.ac.uk>, freebsd-questions@freebsd.org, freebsd-current@freebsd.org
Subject:   Re: Root exploit for FreeBSD
Message-ID:  <200912101455.nBAEtcXo063322@lava.sentex.ca>
In-Reply-To: <20091210144141.GB834@mech-cluster241.men.bris.ac.uk>
References:  <20091210144141.GB834@mech-cluster241.men.bris.ac.uk>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
At 09:41 AM 12/10/2009, Anton Shterenlikht wrote:
> >From my information security manager:
>
>         FreeBSD isn't much used within the University (I 
> understand) and has a
>         (comparatively) poor security record. Most recently, for example:
>
> 
>http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html
>

Some say... world flat... some say roundish. There are lots of 
opinions to choose from. It would be nice to see an actual properly 
designed study quoted... or even some raw data referenced. and I am 
not talking about something vendor sponsored that examines such track records.

In the case of the above mentioned zero day exploit someone posted, I 
think FreeBSD did a GREAT job at getting a fast unofficial patch out 
and then 2 days later an official advisory and patch out.  Take a 
look at their actual track record at http://www.freebsd.org/security 
and judge for yourself based on that.  Note, a good chunk of whats 
there is common across multiple operating systems (e.g ntpd, BIND, openssl etc)

There are lots of reasons why someone might use or not use FreeBSD. 
In my _opinion_, a "poor security record" is not one of them... But 
judge for yourself based on their actual track record.

         ---Mike


--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            mike@sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?200912101455.nBAEtcXo063322>