Just a note to the OpenBSD community:
I have been helping a friend clean up after a security incident with a
PHP web app that hadn't been patched on a Linux server.  I run the same
app on OpenBSD, and I worry a lot less.  I still patch my PHP apps
because it would be stupid to assume that OpenBSD would always protect
me, but looking at how the exploit happened, I see that OpenBSD's Apache
chroot would have prevented that particular attack.
So:
* Developers: Thanks for the proactive security!
* Users: Put the effort into making your stuff work in the chroot.

--
Will Backman - Network Administrator
Coastal Enterprises, Inc.
http://www.ceimaine.org
