OpenBSD Journal

3.3-current -> 3.4-beta

Contributed by jose on from the concurrent-development dept.

psygnosis writes: "OpenBSD 3.3-current now turns 3.4-beta.as the cvs log says:
CVSROOT: /cvs
Module name: src
Changes by: deraadtcvs.openbsd.org 2003/08/11 08:52:43

Modified files:
        distrib/miniroot: install.sub
        etc/root : root.mail
        sys/conf : newvers.sh
        sys/sys : param.h
        share/mk : sys.mk
        share/tmac/mdoc: doc-common doc-syms
        sys/arch/macppc/stand/tbxidata: bsd.tbxi

Log message: 
move to 3.4-beta

OpenBSD 3.4 is fast approaching :-)

Find those bugs, test everything, let's make sure that 3.4 is the best we've ever done. The project has made tremendous strides for this release ...

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    Comments
    1. By joebeastie () on

      that was what i was just thinking. i did not realize a new release is fast approaching.

  2. By Anonymous Coward () on

    Could anyone post a list of the changes? Would this involve reading many CVS tags?

    Comments
    1. By Anonymous Coward () on

      Someone already has - http://www.openbsd.org/plus.html is the ongoing list of changes. It only goes up to June 30 at the moment, but it makes for interesting reading. For a to the minute summary, point a web browser at ftp:///pub/OpenBSD/cvs/CVSROOT/ChangeLog to see all the CVS activity logged.

      Comments
    2. By Maricel Madayag () ycel@feu-nrmf.ph on mailto:ycel@feu-nrmf.ph

      you can also see the neohapsis archives at http://archives.neohapsis.com/archives/openbsd/cvs/ :-)

  3. By Jadipai () on

    Tremendous strides??? Elaborate. Will it have Mozilla or Java1 1.4? Or is it just a tremendous stride every time that there are no remote security holes. Hmm... the packet filter is very good, but in the new release is it much better...

    Comments
    1. By Anonymous Coward () on

      Yes. No. Yes. Yes. ELF, W^X, license cleanup, GNU utils removed in favour of BSD tools. These are just the ones that come to mind.

      Comments
      1. By Jadipai () on

        Oh yes, ELF is certainly a great improvement. Are you referring to old UNIX sources that were made available under BSD license only recently? What GNU utilities were replaced?

        Comments
        1. By Ryvar () on

          The most important change for a lot of us is WorX (write exclusive-or execute for memory pages) on the x86, which theoretically would make OpenBSD effectively proof against buffer overflows.

          This was available for most non-x86 platforms in 3.3, I believe.

          Comments
          1. By Anonymous Coward () on

            Not true, theoretically you can still do a ret-to-libc style attack to invoke mprotect() and all your W^X pages are gone.

            Comments
            1. By Anonymous Coward () on

              but random shared mappings make that harder ...

              Comments
              1. By Anonymous Coward () on

                harder yes, impossible no. how much randomness does an attacker have to guess (let's assume he can't readily leak this information nor can he abuse the code in ld.so and the main executable which are not randomized at all)? if i'm not mistaken then only the library load order is randomized, that carries a few bits of information only (log2(n!) bits for n libs) and even less for any individual library (n bits). combining this with base address randomization would give the best result.

        2. By Anonymous Coward () on

          diff
          grep -> freegrep

          Comments
          1. By Anonymous Coward () on

            patch
            gzip tools

            Comments
            1. By tedu () on

              patch was always free, it just looks nicer and works better now.

            2. By Anonymous Coward () on

              but /bin/true and /bin/false are still shell scripts instead of trivial C code.

              Comments
              1. By Anonymous Coward () on

                if it's trivial, write your C versions and submit them to the project as BSD licensed utils... 30 minutes work, then you can impress girls with being an obsd contributer. or not.

                Comments
                1. By Anonymous Coward () on

                  yeah, contributers get to bone ALL the bad babes

                  Comments
                  1. By Anonymous Coward () on

                    Time to learn a bit more C then :)

                  2. By Anonymous Coward () on

                    yeah, contributers[sic] get to bone ALL the bad babes

                    make that "each other"

              2. By Sam () on

                you probably mean /usr/bin/true and /usr/bin/false

      2. By SFN () on

        "Yes. No. Yes. Yes. ELF, W^X, license cleanup, GNU utils removed in favour of BSD tools. These are just the ones that come to mind."

        Gee, thanks.

        So:

        Mozilla - Yes
        Java1 1.4 - No
        Or is it just a tremendous stride every time that there are no remote security holes - Yes
        the packet filter is very good, but in the new release is it much better - Yes

        in addition to what the OP asked - ELF, W^X, license cleanup, GNU utils removed in favour of BSD tools. These are just the ones that come to mind.

        Is that right?

    2. By Anonymous Coward () on

      Lets not forget purging the entire tree of unsafe strcpy/strcat. For example, -current was not vulnerable to the realpath bug because of strlcat (there was still a bug, but the overflow was clamped safely).

    3. By Jan J () on

      propolice in kernel.

      Updates to:
      Kerberos V
      AFS (Hopefully).

    4. By Anonymous Coward () on

      I sort of understand your point, but the quality in software isn't always immediately user- or app-specific. Java is a huge undertaking, and even copying FreeBSD will end up inheriting a mess, not to mention the kernel changes to get the JVM working right. Mozilla is a *browser*, fer cryinoutloud. I'd rather they keep working on what makes OpenBSD great.

      I have the feeling that not too many people need either a GUI or Java on their edge boxes. Sure, it would be nice to have Tomcat running on an OBSD app server, but the Linux support is so nice, why not run it there? Let the OBSD box protect the app server on the inside, as it should.

      Comments
      1. By Anonymous Coward () on

        Umm...no. Not everyone uses OBSD as an edge box. Frankly, I find it short-sighted that you even suggest that; while OBSD makes a great firewall, balancer, authentication point, that surely is not the only thing it is good for.

        Put another way--I want to pick the OS. I don't want the OS to pick me.

        The purpose of an OS, imnsho, is security followed by functionality. OBSD should and does continue to focus on security. However, stuff like Java and a usable browser are up there in terms of wanted functionality.

        Not everyone needs them. Not everyone uses them. But it makes for a more complete and usable universal operating system when you have a usable, decent, fast browser. And Java, for all its presumed problems, is frequently desired.

        That said, personally, I can do without Mozilla or Java. I'd rather have SMP. But that's me. Furthermore, idealogically, I don't like the GPL and much prefer the BSD license--code use is more important to me (which the GPL does not fully allow). Furthermore, I would rather have a monolithic setup on my machines--iow, OBSD across the board. I don't want a FreeBSD or NetBSD or, for crying out loud, a Linux box sitting there. (Or, to put another way, replace Linux with XP and then evaluate the sentiments behind your statement--you could be running IIS with an OBSD firewall, right? Yes. But would any sane person want to? No. That's how I feel about Linux. I'd go OS X before Linux.)

        I sure as hell would not run Linux if an OBSD option is there. This should be reason enough to explain why a Java implementation should exist; whether or does or whether you might use it, that's a totally different matter.

        Better license, better code. I, like others, just want more functionality. Slow progression is fine, but the talk of usable SMP has been going on since I bought my C433 when BP6 (Abit's dual S370 board) were the in thing.

    5. By Peter Hessler () spambox@theapt.org on http://www.theapt.org

      Mozilla on i386 = YES.
      Java = who wants that pile of pig sh*t?

      If that is all you care about, then go run Windows. There are numerous backend improvements, and plenty of new crap added.

      BTW: systraced ports is pretty damn cool.

      Comments
      1. By Anonymous Coward () on

        Hey relax!!

        Why don't run FreeBDS or even GNU/Linux instead of Windows? What about Max OS X?

      2. By Anonymous Coward () on

        > Java = who wants that pile of pig sh*t?

        My feelings exactly. Java needs to crawl into a corner and die.

      3. By Kay () on http://gattaca.dyndns.info

        Java = who wants that pile of pig sh*t? ...a close-minded troll has spoken.

      4. By Anonymous Coward () on

        Java is fantastic stuff. No buffers = no buffer overflows. There could still be buffer overflows in the JVM, but that means that only one finite piece of code needs to be checked for the overflows. After that, everything else which runs on that JVM has no buffer overflows. And Sun's JVM has a superb track record on that issue. A good Java environment would be a wonderful addition to OpenBSD. That, and SMP, and then OpenBSD would be ready for any kind of server use.

        Comments
        1. By Anonymous Coward () on

          umm, no buffers = no skilled memory management = bloated "designer code" that won't be half as useful as they pretend it to be until our toasters are packing 4gigs of ram? not that I'm an expert, just a thought.

    6. By Anonymous Coward () on

      JAVA? Bwahahahahha

      That is the worst piece of camel pooh that I have ever seen. Belongs in the Lindows world. It is the most successful marketing hype of the nineties.

      Oh, oh let's not forget XML either.

      MARKETING! Nobody needs friggin Java! The idea was nice but the implementation sucks doo-doo.

      Comments
      1. Comments
        1. By Anonymous Coward () on


          uh, just another one of these close-minded trolls


          Closes-minded? You are way to kind! It's surprising that /.-style trolls are here, though.

          Comments
          1. By Kay () on http://gattaca.dyndns.info

            Someone who only can say "JAVA? Bwahahahahha " without providing any facts is definitively a troll.

            Greets
            Kay

  4. By Anonymous Coward () on

    In fact -current should be named by next version
    number just after the release of the certain
    version looking toward the next release.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]