Hi, I am using OpenBSD on a desktop system for about a year now and have some open questions about the project goals. I have read http://www.openbsd.org/goals.html , but I think it does not answer some questions.
One question is what the ideal status of OpenBSD would be. Right now there are core applications (which include also Sendmail and Apache) and the ports. Would it be a goal for OpenBSD to provide most functionality as part of core? I mean its clear that the ports and packages are not audited as the applications in core are. But generally there is no argument for why one application should get more auditing than another, except when you say that you want to provide only one of a kind. Maybe this question is not OpenBSD specific but merely a question of what a goal of an operating system should be. The goals on the project homepage focus more on what is different on OpenBSD. My understanding is that OpenBSD (most BSDs and Unices and also Plan9) strive to provide all basic functionalities as part of the core distribution. And on Linux the mentality is rather that the operating system is rather a collection of different parts - and that each part is an individual package - so there is generally no sense of a "core" besides the Linux kernel and maybe the base-files package. Another interesting and realted question is what should be provided by default. OpenBSD got some criticism that it has not enabled many services by default and does not take into account non-default installs of some random packages or ports when it comes to security leaks. But OTOH OpenBSD provides Apache and Xorg/Xenocara as core file sets, which I think no other operating system does? As far as I looked other BSDs provide Apache and Xorg as ports rather? So one could also say that OpenBSD is actually providing not less but more. Most Linuxes will install and Xorg plus a desktop like KDE or GNOME by default - but then all those are just distribution-provided packages which are not audited well on most Linuxes. Right now I see the wholeheartedness on working on the operating system as what makes up OpenBSD and differs it from other OSes. I think although security is a focus this is really more a benefit of the development process. I mean security does not come from statements and also not from having it as a goal. I would say that the Debian guys wont say that security was unimportant to them, nor would any OS state that. The difference lies in how people act - and maybe also how much progress is seen of just providing the latest and greatest. Regards, Thilo
