Announcement

Collapse
No announcement yet.

FreeBSD Is Off To A Good 2021 Start With FreeBSD 13.0, PIE By Default, helloSystem

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • FreeBSD Is Off To A Good 2021 Start With FreeBSD 13.0, PIE By Default, helloSystem

    Phoronix: FreeBSD Is Off To A Good 2021 Start With FreeBSD 13.0, PIE By Default, helloSystem

    The FreeBSD project published their Q1 status report yesterday that outlines the progress they made over the past quarter on advancing this leading open-source BSD operating system...

    https://www.phoronix.com/scan.php?pa...reeBSD-Q1-2021

  • #2
    Any word on a FreeBSD 13.0 performance review?

    Comment


    • #3
      Great OS for me.

      Comment


      • #4
        I love FreeBSD and use it on my workstation, it is a great OS, but some of the security features the project is just now picking up for 13.0-RELEASE and even future 13.1 work OpenBSD has had since a decade ago. That is why reluctantly, I chose OpenBSD 6.9 for my webserver versus FreeBSD 13.0. As security oriented as FreeBSD is it just can't hold a candle to OpenBSD security.

        In my mind I see it as this: vanilla Linux < FreeBSD < Linux with selinux or APParmor < OpenBSD in terms of security worse to greatest.

        Comment


        • #5
          Originally posted by kylew77 View Post
          As security oriented as FreeBSD is it just can't hold a candle to OpenBSD security.
          For servers I tend to feel similar. Though I would say that FreeBSD Jails do go slightly further than OpenBSD's chroots depending on the type of service you have in mind. Likewise FreeBSD also has address sanitizer which for me has picked up more issues than OpenBSD's / Otto's malloc testing features.

          However pledge and unveil are pretty great technologies if utilised well and the fact that OpenBSD has a very real focus on security just means that going forwards, it is likely to be a pretty safe choice.

          Ultimately though, the fact that neither have any real services listening by default (checked via netstat, etc) means that they are both pretty good.

          Comment

          Working...
          X