Contributed by jason on from the sudo-make-me-a-sandwich dept.
Undeadly is proud to present a new series of interviews with OpenBSD developers. Often we focus on the technical aspects of recent commits and new subsystems; this series aims to uncover the personal side of the people that make OpenBSD tick. This month we've tracked down Todd C. Miller (millert@), a member of the project since the early years.
OpenBSD Journal: How long have you been with the OpenBSD project?
Todd Miller: I received commit access in July of 1996. I had submitted some s/key-related patches to NetBSD which were being ignored, but which Theo had applied to the OpenBSD tree. He told me to give OpenBSD a try, so I did. At the time, the fact that it had a packet filter as part of the base OS (it was ipf at the time) was a big selling point for me.
OJ: What was your original role or contribution, and how has it evolved since then?
TM: I started out by updating some of the packages included in the base OS (such as lex, rdist and awk) with more recent versions and fixing up man pages. From there I moved on to replace uses of sprintf() in the tree with snprintf(). Later on I took part in multiple sweeps of the tree for buffer overflows. At one point I was pretty much the go-to guy for the OpenBSD userland, though as my free time has diminished in recent years other developers have taken over that role.
OJ: How do you see OpenBSD's goals changing over the next few years?
TM: As multi-core CPUs become the norm I think we'll see improvements in OpenBSD SMP support as well as the rthreads support being finished. On the other end of things, with the improving support for embedded CPUs I think it is only a matter of time before one of the Taiwanese vendors ships an OpenBSD-based embedded product to avoid GPL issues.
OJ: Where did you go to school?
TM: I have a bachelor's in CS from the University of Colorado, Boulder.
OJ: What got you interested in computer science in general, and C programming specifically?
TM: I've always been the type who likes to take things apart. I got my first computer, an Atari 800, when I was 10 or so. While I initially used it to play games, I did some programming too and taught myself C using it when I was in high school.
OJ: Somewhere along the way you became the official maintainer of sudo. Can you tell us a little bit about how you got involved with this mainstay of the sysadmin's toolkit?
TM: I started doing system administration as a student at the University of Colorado where sudo was in wide use. The version we used was written by two sysadmins at CU. As we got new machines running different variants of Unix we would port sudo to the new platform. After the folks who wrote the CU version of sudo left the University, I helped maintain it internally. At a certain point I felt it would be useful to share these changes with others and so I became the de facto sudo maintainer. My sudo source tree goes back to 1993 and I made the first release in 1994.
OJ: Do you still run across users that pronounce it "Sue Doh"?
TM: Believe it or not there was a discussion about the "right" way to say "sudo" in the sudo wikipedia page. I used to tell people that the correct way is "Sue Doo" but I've stopped correcting people ;-)
OJ: What interests do you have outside of OpenBSD?
TM: Hiking, music, movies.
OJ: Is there a particular genre or musical artist that you prefer to listen to while programming?
TM: Most of what I listen to falls under the rubric of "indiepop". The real reason I haven't been to a hackathon in a few years is that people were making fun of my musical tastes ;-)
OJ: You were involved in porting the SELinux framework to Darwin. How was that experience?
TM: I learned a fair deal on that project. Darwin has an interesting kernel; the Mach and BSD bits are fairly separate (though they are becoming more tightly coupled with each release). The SELinux technology is interesting as well, though it still suffers from some usability issues. The fine-grained access controls on resources and inter-process interactions are quite cool, but they also contribute to the large size and complexity of the resulting security policy.
OJ: It doesn't sound like the SELinux architecture would be a good match for the simplicity desired by OpenBSD developers and users. Are there any similar technologies found in the other BSDs that you feel would be better suited for porting to OpenBSD?
TM: Something that is path-based is probably easier for users to deal with. Strictly speaking, a label-based approach is less prone to races but tends to be more difficult for users. Many of the problems with systrace stem from the fact that the monitor process lives in user space. A systrace-like mechanism where the actual security policy lives in the kernel would certainly be doable, though.
OJ: What is your favorite travel destination?
TM: Hmm, I don't really have one.
OJ: How about a favorite beer?
TM: Think globally, drink locally. One of my favorite local beers is the Brewer's Art Resurrection Ale.
I'd like to thank Todd for taking time out of his schedule for this interview. I look forward to continuing this series with other OpenBSD developers.
(Comments are closed)