OpenBSD
From Wikipedia, the free encyclopedia
OpenBSD
"Free, Functional & Secure"
|
Company / developer
| The OpenBSD Project
|
OS family
| BSD
|
Working state
| Current
|
Source model
| Open source
|
Latest stable release
| 4.5 (2009-05-01; 4 months ago) [+/−]
|
Latest unstable release
| 4.6-current (ongoing) [+/−]
|
Package manager
| OpenBSD package tools and ports tree
|
Supported platforms
| 68000, Alpha, AMD64, i386, MIPS, PowerPC, SPARC 32/64, VAX, Zaurus and others[1]
|
Kernel type
| Monolithic
|
Userland
| BSD
|
Default user interface
| Modified pdksh, FVWM 2.2.5 for X11
|
License
| Mostly BSD
|
Website
| www.openbsd.org
|
OpenBSD includes a number of security features absent or optional in other operating systems and has a tradition of developers
auditing the source code for
software bugs and security problems. The project maintains strict policies on licensing and prefers the
open source BSD licence and its variants—in the past this has led to a comprehensive licence audit and moves to remove or replace code under licences found less acceptable.
As with most other BSD-based operating systems, the OpenBSD
kernel and
userland programs, such as the
shell and common tools like
cat and
ps, are developed together in a single source repository. Third-party software is available as binary packages or may be built from source using the
ports tree.
History and popularity
In December 1994, NetBSD co-founder
Theo de Raadt was asked to resign his position as a senior developer and member of the NetBSD core team, and his access to the source code repository was revoked.
The OpenBSD 2.3
CD-ROM cover with the original mascot, before
Puffy appeared with release 2.7
The reason for this is not wholly clear, although there are claims that it was due to personality clashes within the NetBSD project and on its
mailing lists.
[2] De Raadt has been criticized for having a sometimes abrasive personality: in his book,
Free For All, Peter Wayner claims that de Raadt "began to rub some people the wrong way" before the split from NetBSD;
[3] Linus Torvalds has described him as "difficult;"
[4] and an interviewer admits to being "apprehensive" before meeting him.
[5] Many have different feelings: the same interviewer describes de Raadt's "transformation" on founding OpenBSD and his "desire to take care of his team," some find his straightforwardness refreshing, and few deny he is a talented
coder[6] and security "guru".
[7]
In October 1995, de Raadt founded OpenBSD, a new project forked from NetBSD 1.0. The initial release, OpenBSD 1.2, was made in July 1996, followed in October of the same year by OpenBSD 2.0.
[9] Since then, the project has followed a schedule of a release every six months, each of which is maintained and supported for one year. The latest release, OpenBSD 4.5, appeared on May 1, 2009.
[10]
On 25 July 2007, OpenBSD developer Bob Beck announced the formation of the
OpenBSD Foundation,
[11] a Canadian
not-for-profit corporation formed to "act as a single point of contact for persons and organizations requiring a legal entity to deal with when they wish to support OpenBSD."
[12]
Just how widely OpenBSD is used is hard to ascertain: the developers do not collect and publish usage statistics and there are few other sources of information. In September 2005 the nascent BSD Certification Group performed a usage survey which revealed that 32.8% of BSD users (1420 of 4330 respondents) were using OpenBSD,
[8] placing it second of the four major BSD variants, behind
FreeBSD with 77% and ahead of NetBSD with 16.3%.
[13] The
DistroWatch website, well-known in the
Linux community and often used as a reference for popularity, publishes page hits for each of the
Linux distributions and other operating systems it covers. As of 23 August 2008
(2008 -08-23)[update] it places OpenBSD in 54th place, with 126 hits per day. FreeBSD is in 16th place with 473 hits per day and a number of Linux and non-Linux distributions range between them.
Open source and open documentation
When OpenBSD was created, Theo de Raadt decided that the source should be available for anyone to read at any time, so, with the assistance of Chuck Cranor,
[14] he set up a public, anonymous
CVS server. This was the first of its kind in the software development world: at the time, the tradition was for only a small team of developers to have access to a project's source repository. This practice had downsides, notably that outside contributors had no way to closely follow a project's development and contributed work would often duplicate already completed efforts. This decision led to the name
OpenBSD and signaled the project's insistence on open and public access to both source code and documentation.
A revealing incident regarding open documentation occurred in March 2005, when de Raadt posted a message
[15] to the
openbsd-misc mailing list. He announced that after four months of discussion,
Adaptec had not disclosed the documentation required to improve the OpenBSD
drivers for its AAC
RAID controllers. As in similar circumstances in the past, he encouraged the OpenBSD community to become involved and express their opinion to Adaptec. Shortly after this, FreeBSD
committer, former Adaptec employee and author of the FreeBSD AAC RAID support Scott Long
[16] castigated de Raadt
[17] on the
OSNews website for not contacting him directly regarding the issues with Adaptec. This caused the discussion to spill over onto the
freebsd-questions mailing list, where the OpenBSD project leader countered
[18] by claiming that he had received no previous offer of help from Scott Long nor been referred to him by Adaptec. The debate was amplified
[19] by disagreements between members of the two camps regarding the use of
binary blob drivers and
non-disclosure agreements (NDAs): OpenBSD developers do not permit the inclusion of
closed source binary drivers in the source tree and are reluctant to sign NDAs. However, the FreeBSD project has a different policy and much of the Adaptec RAID management code Scott Long proposed as assistance for OpenBSD was closed source or written under an NDA. As no documentation was forthcoming before the deadline for release of OpenBSD 3.7, support for Adaptec AAC RAID controllers was removed from the standard OpenBSD kernel.
The OpenBSD policy on openness extends to hardware documentation: in the slides for a December 2006 presentation, de Raadt explained that without it "developers often make mistakes writing drivers," and pointed out that "the [oh my god, I got it to work] rush is harder to achieve, and some developers just give up."
[20] He went on to say that vendor binary drivers are considered unacceptable to OpenBSD—in their view they cannot be trusted and there is "no way to fix [them] ... when they break." Vendor source is "marginally acceptable" and still difficult to fix when problems occur.
Licensing
A goal of the OpenBSD project is to "maintain the spirit of the original Berkeley Unix
copyrights," which permitted a "relatively un-encumbered Unix source distribution."
[21] To this end, the
Internet Systems Consortium (ISC) licence, a simplified version of the BSD licence with wording removed that is unnecessary under the
Berne convention, is preferred for new code, but the
MIT or BSD licences are accepted. The widely used
GNU General Public License is considered overly restrictive in comparison with these.
[22] Code that is under any license considered undesirable is no longer accepted for addition to the base system. Existing code under such licences is actively replaced or relicensed when possible, except in cases where there is no suitable replacement and creating one would be time-consuming and impractical. Of particular note is the development of
OpenSSH, based on the original
SSH suite and developed further by the OpenBSD team. It first appeared in OpenBSD 2.6 and is now the single most popular SSH implementation, available as standard or as a package on many operating systems. Also worth mentioning is the development, after licence restrictions were imposed on
IPFilter, of the
pf packet filter, which first appeared
[23] in OpenBSD 3.0 and is now available in
DragonFly BSD, NetBSD and FreeBSD. More recently, OpenBSD releases have seen the GPL licensed tools
bc,
dc,
diff,
grep,
gzip,
nm,
pkg-config,
RCS, sendbug (part of
GNATS) and
size replaced with BSD licensed equivalents. OpenBSD developers are also behind
OpenBGPD,
OpenOSPFD,
OpenNTPD and
OpenCVS, which are other BSD licensed alternatives to existing software. In September 2007, the OpenBSD team took the initial steps towards replacing the
GNU Compiler Collection (GCC) by importing Anders Magnusson's BSD-licensed
Portable C Compiler (PCC) into CVS.
[24]
In June 2001, triggered by concerns over
Darren Reed's modification of IPFilter's licence wording, a systematic licence audit of the OpenBSD ports and source trees was undertaken.
[25] Code in more than a hundred files throughout the system was found to be unlicensed, ambiguously licensed or in use against the terms of the licence. To ensure that all licences were properly adhered to, an attempt was made to contact all the relevant copyright holders: some pieces of code were removed, many were replaced, and others, including the
multicast routing tools, mrinfo and map-mbone,
[26] which were licensed by
Xerox for research only, were relicensed so that OpenBSD could continue to use them. Also of note during this audit was the removal of all software produced by
Daniel J. Bernstein. At the time, Bernstein requested that all modified versions of his code be approved by him prior to redistribution, a requirement to which OpenBSD developers were unwilling to devote time or effort.
[27] The removal led to a clash with Bernstein who felt the removal of his software to be uncalled for. He cited the
Netscape web browser as much less freely licensed, accusing the OpenBSD developers of hypocrisy for permitting Netscape to remain while removing his software.
[28] The OpenBSD project's stance was that Netscape, although not open source, had licence conditions that could be more easily met.
[29] They asserted that Bernstein's demand for control of derivatives would lead to a great deal of additional work and that removal was the most appropriate way to comply with his requirements.
Security and code auditing
Shortly after OpenBSD's creation, Theo de Raadt was contacted by a local security software company named Secure Networks, Inc. or SNI.
[30][31] They were developing a "network security auditing tool" called Ballista (later renamed to Cybercop Scanner after SNI was purchased by
Network Associates) which was intended to find and attempt to
exploit possible software security flaws. This coincided well with de Raadt's own interest in security, so the two agreed to cooperate, a relationship that was of particular use leading up to the release of OpenBSD 2.3
[32] and helped to form the focal point of the project: OpenBSD developers would attempt to do what was right, proper or secure, even at the cost of ease, speed or functionality. As bugs within OpenBSD became harder to find and exploit, the security company found that it was too difficult and expensive to handle such obscure problems. After years of cooperation, the two parties decided that their goals together had been met and they parted ways.
Until June 2002, the OpenBSD website featured the slogan:
| “ | Five years without a remote hole in the default install! | ” |
In June 2002, Mark Dowd of
Internet Security Systems disclosed a bug in the OpenSSH code implementing
challenge-response authentication.
[33] This
vulnerability in the OpenBSD default installation allowed an attacker remote access to the
root account, which was extremely serious not only to OpenBSD, but also to the large number of other operating systems that were using OpenSSH by that time.
[34] This problem necessitated the adjustment of the slogan on the OpenBSD website to:
| “ | One remote hole in the default install, in nearly 6 years! | ” |
The quote remained unchanged as time passed, until on March 13, 2007 when Alfredo Ortega of Core Security Technologies
[35] disclosed a network-related remote vulnerability.
[36] The quote was subsequently altered to:
| “ | Only two remote holes in the default install, in a heck of a long time! | ” |
This statement has been criticized because little is enabled in a default install of OpenBSD and releases have included software that was later found to have remote holes. However, the project maintains that the slogan is
intended to refer to a default install and that it is correct by that measure. One of the fundamental ideas behind OpenBSD is a drive for systems to be simple, clean and
secure by default. For example, OpenBSD's minimal defaults fit in with the standard computer security practice of enabling as few services as possible on production machines. The project also uses open source and code auditing practices argued to be important elements of a security system.
[37]
OpenBSD includes a large number of features specifically designed to improve security. These include:
API and
toolchain alterations, such as the
arc4random,
issetugid,
strlcat,
strlcpy and
strtonum functions, as well as a
static bounds checker; memory protection techniques to guard against invalid accesses, such as
ProPolice,
StackGhost, the
W^X (W
xor X)
page protection features, as well as alterations to
malloc;
cryptography and
randomization features, including
network stack enhancements and the addition of the
Blowfish cipher for
password encryption.
To reduce the risk of a vulnerability or misconfiguration allowing
privilege escalation, some programs have been written or adapted to make use of
privilege separation,
privilege revocation and
chrooting. Privilege separation is a technique, pioneered on OpenBSD and inspired by the
principle of least privilege, where a program is split into two or more parts, one of which performs privileged operations and the other—almost always the bulk of the code—runs without privilege.
[38] Privilege revocation is similar and involves a program performing any necessary operations with the privileges it starts with then dropping them. Chrooting involves restricting an application to one section of the
file system, prohibiting it from accessing areas that contain private or system files. Developers have applied these features to OpenBSD versions of common applications, including
tcpdump and the
Apache web server (the latter of which, due to licensing issues with the later Apache 2 series, is a heavily
patched 1.3.29 release).
The project has a policy of continually auditing code for problems, work that developer Marc Espie has described as "never finished ... more a question of process than of a specific bug being hunted."
[39] He went on to list several typical steps once a bug is found, including examining the entire source tree for the same and similar issues, "try[ing] to find out whether the documentation ought to be amended," and investigating whether "it's possible to augment the
compiler to warn against this specific problem." Along with DragonFly, OpenBSD is one of the only two open source operating systems with a policy of seeking out examples of classic,
K&R C code and converting it to the more modern
ANSI equivalent (this involves no functional change and is purely for readability and consistency reasons). A standard code style, the
Kernel Normal Form, which dictates how code must look in order to be easily maintained and understood, must be applied to all code before it is considered for inclusion in the base operating system; existing code is actively updated to meet the style requirements.
Linux kernel creator
Linus Torvalds has expressed the view that development efforts should be focused on fixing general problems rather than targeting security issues, as non-security bugs are more numerous ("all the boring normal bugs are _way_ more important, just because there's a lot more of them"
[40]). On July 15, 2008, he criticised the OpenBSD policy: "[T]hey make such a big deal about concentrating on security that they pretty much admit that nothing else matters to them."
[41] OpenBSD developer Marc Espie replied to Torvalds' statement: "It's a totally misinformed opinion ... [Fixing normal bugs] is exactly what people in the OpenBSD project do, all the time."
[42] Developer Artur Grabowski also expressed surprise: "That's the funniest part about this ... [Torvalds] was saying the same things we say."
[43]
Uses
Several
proprietary systems are based on OpenBSD, including Profense from Armorlogic ApS,
[44] AccessEnforcer from Calyptix Security,
[45] GeNUGate and GeNUBox from GeNUA mbH,
[46] RTMX O/S from RTMX Inc,
[47] syswall from Syscall Network Solutions AG,
[48] HIOBMessenger from topX, and various security appliances made by .vantronix GmbH.
[49] Of these, GeNUA, RTMX, and .vantronix have contributed back to OpenBSD: GeNUA funded the development of
SMP on the i386 platform, RTMX have sent patches to add further
POSIX compliance to the system, and .vantronix contributed in networking and
load balancing. Several open source operating systems have also been derived from OpenBSD, notably
Anonym.OS and
MirOS BSD, as well as the now defunct
ekkoBSD,
MicroBSD and
Gentoo/OpenBSD. In addition, code from many of the OpenBSD system tools has been used in recent versions of
Microsoft's
Services for UNIX, an extension to the
Windows operating system which provides some Unix-like functionality, originally based on
4.4BSD-Lite.
Core Force, a security product for Windows, is based on OpenBSD's pf firewall. There have also been projects which use OpenBSD as part of images for
embedded systems, including
OpenSoekris and
flashdist; together with tools like
nsh, these allow
Cisco-like embedded devices to be created.
[50]
OpenBSD ships with the
X window system. Following the
XFree86 licence change, it includes a recent
X.Org release; an older XFree86 3.3 release is also available for legacy
video cards. With these, it is possible to use OpenBSD as a desktop or workstation, making use of a
desktop environment or just a
window manager to give the X desktop a wide range of appearances. The OpenBSD ports tree contains many of the most popular tools for desktop use, including desktop environments
GNOME,
KDE, and
Xfce; web browsers
Konqueror and
Mozilla Firefox; and
multimedia programs
MPlayer,
VLC media player and
xine. In addition, graphical software for many uses is available from both the ports tree and by compiling POSIX compliant software. Also available are
compatibility layers, which allow binary code compiled for other operating systems, including Linux, FreeBSD,
SunOS and
HP-UX, to be run. OpenBSD no longer lacks accelerated
3D graphics support;
[51] as of March 2008
[update], work on
Direct Rendering Manager (DRM) is ongoing and some support is present in
-current.
[52]
OpenBSD's performance and usability is occasionally criticised. Felix von Leitner's performance and
scalability tests
[53] indicated that OpenBSD lagged behind other operating systems. In response, OpenBSD users and developers criticised von Leitner's objectivity and methodology, and asserted that although performance is given consideration, security and correct design are prioritised, with developer Nick Holland commenting: "It all boils down to what you consider important."
[54] OpenBSD is also a relatively small project, particularly when compared with FreeBSD and Linux, and developer time is sometimes seen as better spent on security enhancements than performance optimisations. Critics of usability say that OpenBSD has a lack of user-friendly configuration tools, a bare default installation,
[55] and a "spartan" and "intimidating" installer.
[56] These see much the same rebuttals as performance: a preference for simplicity, reliability and security. As one reviewer puts it, "running an ultra-secure operating system can be a bit of work."
[57]
Distribution and marketing
OpenBSD is available freely in various ways: the source can be retrieved by anonymous CVS or
CVSup, and binary releases and development snapshots can be downloaded either by
FTP or
HTTP. Prepackaged
CD-ROM sets can be ordered online for a small fee, complete with an assortment of stickers and a copy of the release's theme song. These, with its artwork and other bonuses, are one of the project's few sources of income, funding hardware,
bandwidth and other expenses. Until OpenBSD 4.2, only a small install
ISO image was available for download, to encourage sales of the full CD-ROM set. OpenBSD 4.2 provides a complete install ISO.
In common with several other operating systems, OpenBSD uses ports and packaging systems to allow for easy installation and management of programs which are not part of the base operating system. Originally based on the FreeBSD ports tree, the system is now quite distinct. Additionally, major changes have been made since the 3.6 release, including the replacement of the package tools by more capable versions, written in
Perl by
Marc Espie. In contrast to FreeBSD, the OpenBSD ports system is intended as a source used to create the end product, the packages: installing a port first creates a package and then installs it using the package tools. Packages are built in bulk by the OpenBSD team and provided for download with each release. OpenBSD is also unique among the BSDs in that the ports and base operating system are developed and released together for each version: this means that the ports or packages released with, for example, 3.7 are not suitable for use with 3.6 and vice versa. This is a policy which lends a great deal of stability to the development process, but means that the software in ports for the latest OpenBSD release can lag somewhat from the latest version available from the author.
Around the time of the OpenBSD 2.7 release, the original mascot, a
BSD daemon with a
trident and
halo, was replaced by Puffy, traditionally said to be a
pufferfish. In fact pufferfish do not possess spikes and images of Puffy are closer to a similar species, the
porcupinefish. Puffy was selected because of the Blowfish encryption algorithm used in OpenSSH and the strongly defensive image of the porcupinefish with its spikes to deter predators. He quickly became very popular, mainly because of the appealing image of the fish and his distinction from the BSD daemon used by FreeBSD, and the horde of daemons used by NetBSD. Puffy made his first public appearance in OpenBSD 2.6 and, since then, has appeared in a number of guises on
tee-shirts and
posters. These have included
Puffiana Jones, the famed
hackologist and adventurer, seeking out the Lost RAID;
Puffathy, a little Alberta girl, who must work with
Taiwan to save the day;
Sir Puffy of Ramsay, a freedom fighter who, with Little Bob of Beckley, took from the rich and gave to all; and
Puff Daddy, famed rapper and political icon.
After a number of releases, OpenBSD has become notorious for its catchy songs and interesting and often comical artwork. The promotional material of early OpenBSD releases did not have a cohesive theme or design but, starting with OpenBSD 3.0, the CD-ROMs, release songs, posters and tee-shirts for each release have been produced with a single style and theme, sometimes contributed to by Ty Semaka of the
Plaid Tongued Devils. At first they were done lightly and only intended to add humour but, as the concept has evolved, they have become a part of OpenBSD
advocacy, with each release expanding a moral or political point important to the project, often through
parody. Past themes have included: in OpenBSD 3.8, the
Hackers of the Lost RAID, a parody of
Indiana Jones linked to the new RAID tools featured as part of the release;
The Wizard of OS, making its debut in OpenBSD 3.7, based on the work of
Pink Floyd and a parody of
The Wizard of Oz related to the project's recent
wireless work; and OpenBSD 3.3's
Puff the Barbarian, including an 80s rock-style song and parody of
Conan the Barbarian, alluding to open documentation.
In addition to the slogans used on tee-shirts and posters for releases, the project occasionally produces other material: over the years,
catchphrases have included "Sending
script kiddies to
/dev/null since 1995," "Functional, secure, free — choose 3," "Secure by default," and a few insider slogans, only available on tee-shirts made for developer gatherings, such as "World class security for much less than the price of a
cruise missile" and a crusty old octopus proclaiming "Shut up and hack!"
06.19
Via Anwar
Subscribe
Follow me!