, such
that it is not possible to host these services on the same OS.
Whilst there may be some security benefits to whatever isolation is
provided by virtual machines, the real advantage here is the savings on
physical resources.
On Sat, 13 May 2017 00:12:35 +0300
valerij zaporogeci <vlrzpr...@gmail.com> wrote:
&
2017 5:57:11 PM GMT+02:00, I love OpenBSD
>>> <lampsh...@poczta.fm> wrote:
>>>
>>> Both OpenBSD and Qubes OS don't guarantee
>>> perfect security.
>>> Qubes OS has a different take on security
>>> than OpenBSD. Both have different
>&g
s is just linux with a gui for some kvm vms(it sux)
>
>> On May 12, 2017 5:57:11 PM GMT+02:00, I love OpenBSD <lampsh...@poczta.fm>
>> wrote:
>>
>> Both OpenBSD and Qubes OS don't guarantee
>> perfect security.
>> Qubes OS has a different take on
Qubes os is just linux with a gui for some kvm vms(it sux)
On May 12, 2017 5:57:11 PM GMT+02:00, I love OpenBSD <lampsh...@poczta.fm>
wrote:
>
>Both OpenBSD and Qubes OS don't guarantee
>perfect security.
>Qubes OS has a different take on security
>than OpenBSD. Both have
Both OpenBSD and Qubes OS don't guarantee
perfect security.
Qubes OS has a different take on security
than OpenBSD. Both have different
advantages and disadvantages.
Physical separation is more expensive
and you need to transport more devices
from place to place.
Qubes OS lets you run mainstream
;bluechildcry...@yandex.com>:
>Hi,
>
>I am at novice level of security, studying and trying to understand
>some of the different aspects of running an OS and applications as
>securely as possible.
>
>I have been running OpenBSD for years and understand a little of what's
>b
Hi,
I am at novice level of security, studying and trying to understand
some of the different aspects of running an OS and applications as
securely as possible.
I have been running OpenBSD for years and understand a little of what's
being done to make it more secure, albeit not the technical
il [ http://yandex.ru ] 5.0
From: Kim Blackwood <bluechildcry...@yandex.com>
To: misc@openbsd.org
Subject: Qubes-OS is "fake" security
Date: Fri, 12 May 2017 03:41:05 +0200
X-Mailer: Yamail [ http://yandex.ru ] 5.0
Is it the holidays or something?
On Wed, 29 Mar 2017, Stefan Sperling wrote:
On Wed, Mar 29, 2017 at 04:10:15PM +0200, Stefan Sperling wrote:
New diff which fixes another problem where the iwi(4) firmware won't
receive data frames which are protected with RTS frames. This diff
makes iwi(4) work against WPA2 11n athn(4)
On Wed, Mar 29, 2017 at 04:10:15PM +0200, Stefan Sperling wrote:
> New diff which fixes another problem where the iwi(4) firmware won't
> receive data frames which are protected with RTS frames. This diff
> makes iwi(4) work against WPA2 11n athn(4) hostap.
Committed. This fix will be in 6.1.
On Wed, Mar 29, 2017 at 12:22:32PM +0200, Stefan Sperling wrote:
> On Wed, Mar 29, 2017 at 10:50:07AM +0200, Stefan Sperling wrote:
> > iwi(4) is being stupid and does not forward state changes to the
> > net80211 stack. It is a wonder this driver even works at all.
>
> Please ignore the previous
On Wed, Mar 29, 2017 at 10:50:07AM +0200, Stefan Sperling wrote:
> iwi(4) is being stupid and does not forward state changes to the
> net80211 stack. It is a wonder this driver even works at all.
Please ignore the previous diff. I misunderstood how iwi(4) implements
state transitions. It is a bit
On Tue, Mar 28, 2017 at 11:22:17PM -0500, bg2...@jamesjerkinscomputer.com wrote:
> I follow i386 stable and after applying the WPA1/WPA2 MITM fix to 6.0 (#018)
> I can no longer obtain an IP address via dhclient when WPA2 is in use. This
> happens with both PSK and enterprise modes (via
I follow i386 stable and after applying the WPA1/WPA2 MITM fix to 6.0 (#018) I
can no longer obtain an IP address via dhclient when WPA2 is in use. This
happens with both PSK and enterprise modes (via wpa_supplicant). Wireless
(iwi0) connections without encryption work fine.
I tried the
On Thu, 19 Jan 2017 15:51:53 +0100, Nicolas Schmidt wrote:
> Am 19.01.2017 um 12:21 schrieb Theo de Raadt :
>
>>> Then may I suggest to add an option to disable this behaviour for specific
>>> mounts?
>>
>> No.
>>
>> NFS always required reserved ports.
>
> Do you mean that
Am 19.01.2017 um 12:21 schrieb Theo de Raadt :
>> Then may I suggest to add an option to disable this behaviour for specific
mounts
>> ounts?
>
> No.
>
> NFS always required reserved ports.
Do you mean that the "reserved ports restriction" is required as part of the
NFS
he NetBSD man for exports:
"The -noresvport option specifies that NFS RPC calls for the filesystem do
not have to come from reserved ports. Normally, clients are required to use
reserved ports for operations. Using this option decreases the security of
your system."
right place to make this suggestion.
>
>Currently (at least on 5.8, I haven't upgraded yet), the nfs daemon refuses to
>accept a mount request if it comes from a non-privileged port (>=
>IPPORT_RESERVED). As I understand, this was once a 'security feature' in the
>time of mainframes,
Nicolas Schmidt wrote:
> Currently (at least on 5.8, I haven't upgraded yet), the nfs daemon refuses to
> accept a mount request if it comes from a non-privileged port (>=
> IPPORT_RESERVED). As I understand, this was once a 'security feature' in the
> time of mainframes, when acc
(>=
IPPORT_RESERVED). As I understand, this was once a 'security feature' in the
time of mainframes, when access to computer was restricted. In any case, I
believe this behaviour should be changed as it does not provide security, and
also leads to problems: for example, it means one has to
Hi,
I am experimenting with the following setup, which allows me to establish a
connection from OpenBSD client to OpenIKED server on OpenBSD. Both machines
run OpenBSD-stable.
---
// Server config
$ cat /etc/iked.conf
ikev2 "vpnserver at aa.bb.cc.dd" passive esp \
 from 0.0.0.0/0 to 0.0.0.0/0 \
The rank would be probably (if only counting the OS itself, no ports, no custom
things, responsible admin):
1. OpenBSD
2. HardenedBSD
the remaining are not security oriented. From what are you trying to defend?
> Sent: Monday, November 07, 2016 at 1:32 PM
> From: "SOUL_OF_ROOT 55&
Make your homework and come back to this list to ask questions when you have
real ones.
On 2016-11-07 20:32, SOUL_OF_ROOT 55 wrote:
Sorry for this question:
What is the difference between the security of HardenedBSD, security of
FreeBSD, security of NetBSD, security of OpenBSD and security of
DragonflyBSD?
Thank you
Mate, your questions come off as very general, maybe too
Sorry for this question:
What is the difference between the security of HardenedBSD, security of
FreeBSD, security of NetBSD, security of OpenBSD and security of
DragonflyBSD?
Thank you
> itself temporarily creates a lock file in /var/mail:
>
> -rw--- 1 root wheel 0 Oct 21 23:55 meunier.lock
>
> At the same time, /etc/daily runs /usr/libexec/security. The
> check_mailboxes function in that file loops over all the files in
> /var/mail and checks whether
Kamil Cholewiński wrote:
>Try using aliases(5) instead
Okay, but still, security(8) ought not to generate bogus warnings
regardless of the method used to forward emails (and there are also
probably other ways that a lock file might end up in /var/mail, using
a .forward file just happ
On Fri, 21 Oct 2016, Philippe Meunier wrote:
> When cron runs /etc/daily, that script runs df and netstat and the
> output is sent by email to root. On my system, emails to root are
> forwarded to local user meunier using /root/.forward. The forwarding
> itself temporarily
0 Oct 21 23:55 meunier.lock
At the same time, /etc/daily runs /usr/libexec/security. The
check_mailboxes function in that file loops over all the files in
/var/mail and checks whether the owner of the file matches the name of
the file. If check_mailboxes happens to be running exactly at the
same
presence of Intel AMT...
It's not just Intel either:
https://www.amd.com/en-us/innovations/software-technologies/security
Catering to low-level laziness at the expense of everyone who dares use
these chips.
There appears to be a niche market possibly emerging in Russia as
a result of this kind of t
On 14.10.16 22:48, Raul Miller wrote:
On Fri, Oct 14, 2016 at 2:50 PM, thrph.i...@gmail.com
wrote:
" The only truly secure system is one that is powered off, cast in a block of
concrete and sealed in a lead-lined room with armed guards - and even then I have my
doubts."
On Sun, Oct 16, 2016 at 08:37:54PM +0200, Peter Janos wrote:
> use S for extras security at the expense of performance. Use other options
> only if you know what you are doing and have specific needs.
> BTW, ssh and sshd enable S by themselves.
>
> -Otto
Some background on th
On Sun, Oct 16, 2016 at 07:10:54PM -0500, Patrick Dohman wrote:
>
> > nonsense. daily security is mailed *if it is non-empty*. Same goes for
> > weekly and mothly.
> >
> > -Otto
>
> i guess that’s explains why the output of who was omitted from the inse
There needs to be a new law like Godwin's Law that states that any
technical discussion will eventually and inevitably lead to
Hitchhiker's Guide references.
But to follow on from what Raul said, it may be impossible to make
your system 100% secure without violating part 15 of the FCC rules,
> nonsense. daily security is mailed *if it is non-empty*. Same goes for
> weekly and mothly.
>
> -Otto
i guess that’s explains why the output of who was omitted from the
insecurity out
use S for extras security at the expense of performance. Use other options
only if you know what you are doing and have specific needs.
BTW, ssh and sshd enable S by themselves.
-Otto
-> so "S" is the best way, Thanks! :)
Sent: Friday, October 14, 2016 at 12:20 PM
From: "
...
Still nothing about NSA or other conspiracies in security field?
On Sat, Oct 15, 2016 at 03:57:57PM -0500, Patrick Dohman wrote:
> The daily security out being emailed is also default disabled ;)
>
> The monthly & weekly outs never seem to work either.
nonsense. daily security is mailed *if it is non-empty*. Same goes for
weekly and mothly.
-Otto
On Fri, 14 Oct 2016 20:50:20 +0200
"thrph.i...@gmail.com" wrote:
> or this kind...
>
> " The only truly secure system is one that is powered off, cast in a
> block of concrete and sealed in a lead-lined room with armed guards -
> and even then I have my doubts. "
>
It
The daily security out being emailed is also default disabled ;)
The monthly & weekly outs never seem to work either.
Regards
Patrick
> On Oct 15, 2016, at 11:20 AM, Peter Janos <peterjan...@mail.com> wrote:
>
> remote supervisor/console solutions are still turned on while
i...@gmail.com>
> Cc: "OpenBSD general usage list" <misc@openbsd.org>
> Subject: Re: What are the security features in OpenBSD 6.0 that are by
> default disabled?
> On Fri, Oct 14, 2016 at 2:50 PM, thrph.i...@gmail.com
> <thrph.i...@gmail.com> wrote:
>>
gt;
To: "thrph.i...@gmail.com" <thrph.i...@gmail.com>
Cc: "OpenBSD general usage list" <misc@openbsd.org>
Subject: Re: What are the security features in OpenBSD 6.0 that are by
default disabled?On Fri, Oct 14, 2016 at 2:50 PM, thrph.i...@gmail.com
<thrph.i...@gmail.
On 2016-10-15 02:03:54, Joel Sing wrote:
>
> The number of rounds specified for bcrypt_pbdkf(3) is linear, not logarithmic
> (unlike bcrypt(3)). That said, the processing required for each round is
> significantly higher than that of pkcs5_pbkdf2(3) (using `bioctl -r auto
On Fri, Oct 14, 2016 at 2:50 PM, thrph.i...@gmail.com
wrote:
> " The only truly secure system is one that is powered off, cast in a block of
> concrete and sealed in a lead-lined room with armed guards - and even then I
> have my doubts. "
Powered off works surprisingly
On Fri, 14 Oct 2016 21:20:23 +0300
Mihai Popescu <mih...@gmail.com> wrote:
> > ...
>
> Prepare now for posts on this thread showing that if he/she runs a
> proper OS, everybody can be a security expert.
>
> Have fun!
>
or this kind...
" The only truly secur
> ...
Prepare now for posts on this thread showing that if he/she runs a
proper OS, everybody can be a security expert.
Have fun!
On Friday 14 October 2016 18:19:21 Bryan Linton wrote:
> On 2016-10-14 09:21:24, Peter Janos wrote:
> > Hello,
> >
> > [snip]
> >
> > ps.: it would be nice to have a feature in the default installer to
> > install
> > with full disc encryption :) we still have to escape to
On Fri, Oct 14, 2016 at 09:21:24AM +0200, Peter Janos wrote:
> Hello,
>
> I know some features that can give additional security isn't turned on due to
> because of the bad quality of the code in ports and some also decreases
> performance (or disables a feature, ex.: screenlo
On 2016-10-14, Peter Janos <peterjan...@mail.com> wrote:
> Make as many files immutable with "chflags schg filenamehere" as you can.
This could be seen as an *in*security feature because now it's an utter
pain to update software that has bugs.
On 2016-10-14 09:21:24, Peter Janos wrote:
> Hello,
>
> [snip]
>
> ps.: it would be nice to have a feature in the default installer to install
> with full disc encryption :) we still have to escape to shell during install
> and ex.:
>
> install60.iso
> (S)hell
> dmesg |
Hi,
i just want to say that those security messures you describe here don't
improve the security for every user or use case. Everybody should know exactly
what he is doing bevore enabling or changing them. I think if you use such
security messures you better should be able to help yourself if you
hat can give additional security isn't turned on due to
> because of the bad quality of the code in ports and some also decreases
> performance (or disables a feature, ex.: screenlock doesn't work if nosuid
> set, but if feature not used, nousid can be used).
>
> I only know
Hello,
I know some features that can give additional security isn't turned on due to
because of the bad quality of the code in ports and some also decreases
performance (or disables a feature, ex.: screenlock doesn't work if nosuid
set, but if feature not used, nousid can be used).
I only know
Thanks, Vijay. Thatâs exactly what I couldnât find in the documentation.
(Now that I know what to look for, I see the line in security(8)âs manpage
that I overlooked.)
CCâing list to help the next person with this questionâ¦
-Aadm
From: Vijay Sankar [mailto:vsan...@foretell.ca]
Sent
I have RTFMed and googled, but I still canât figure out how to do one simple
thing: make security(8) ignore a single file that changes on a daily basis,
where that file is otherwise monitored due to /etc/mtree/4.4BSD.dist.
The file in question is /var/unbound/db/root.key, which I have auto
On Thu, Oct 06, 2016 at 08:17:02AM -0500, Adam Thompson wrote:
> I have RTFMed and googled, but I still can???t figure out how to do one simple
> thing: make security(8) ignore a single file that changes on a daily basis,
> where that file is otherwise monitored due to /etc/mtree/4.
Hi,
on a lighter note, 'cause i usually (with exceptions :) like doing
what i like to do better than arguing with people who happen to
misunderstand it...
Theo de Raadt screamed on Fri, Aug 19, 2016 at 08:25:40AM -0600:
> AND WHERE IS THE PONY.
Right here:
> OK I have done a lot of cutting and I may have put your words out of context,
> this isn't intended of course, however I feel when you say "OpenBSD isn't a
> PRODUCT" that this just can't be. By that I mean, that I buy every CD that
> comes out, a) it has an ISBN number so it's a book (but not
> > You never purchased an agreement for it to be serviced.
>
> I'm not expecting that. But the "hint" that this will not be serviced
> should be there.
The lack of a promise is enough.
> > Then, you stand here and demand things? You sir, are just wastewater.
>
> I simply suggested a line to
> Not "purely" but in common parlance and practice I do regard prompt
> installation of fixes for "security flaws" as part of "security" in its
> usual sense, yes.
Then hire some people to do it.
Our crew who cares about a subset of that is at their
ucing confusion.
> You are labelling "security" as purely "dealing with yesterday's bugs"
> essentially for "customers" -- and we don't have customers.
Not "purely" but in common parlance and practice I do regard prompt
installation of fixes for "sec
On 08/19/16 17:43, Theo de Raadt wrote:
>>> You even come to the conclusion that such work isn't going to happen
>>> for free, but leave the result dangling. Especially since OpenBSD
>>> isn't a PRODUCT. If product-servicing is a requirement, first of all
>>> choose something which is a PRODUCT,
> > You even come to the conclusion that such work isn't going to happen
> > for free, but leave the result dangling. Especially since OpenBSD
> > isn't a PRODUCT. If product-servicing is a requirement, first of all
> > choose something which is a PRODUCT, then choose a PRODUCT VENDOR who
> >
> You even come to the conclusion that such work isn't going to happen
> for free, but leave the result dangling. Especially since OpenBSD
> isn't a PRODUCT. If product-servicing is a requirement, first of all
> choose something which is a PRODUCT, then choose a PRODUCT VENDOR who
> actually
Theo de Raadt wrote:
Especially since OpenBSD
isn't a PRODUCT. If product-servicing is a requirement, first of all
choose something which is a PRODUCT, then choose a PRODUCT VENDOR who
actually does SERVICING.
Nicely put. My open source Ublu (https://github.com/jwoehr/ublu) is currently
> > I was wondering if packages for -release would be fixed if a security
> > issue is found in one of these third party programs, which could be
> > updated with pkg_add -u.
>
> It's a good question. I was quite amused to notice the juxtaposition of:
>
> ] Our
On 2016-08-19, Thuban <thu...@yeuxdelibad.net> wrote:
> I was wondering if packages for -release would be fixed if a security
> issue is found in one of these third party programs, which could be
> updated with pkg_add -u.
No, they're not, they're fixed for release and not furthe
Hi,
haveva look at this:
https://stable.mtier.org/
Regards
Am 19.08.2016 08:59 schrieb "Thuban" <thu...@yeuxdelibad.net>:
> Hello,
> I was wondering if packages for -release would be fixed if a security
> issue is found in one of these third party programs,
On Fri, Aug 19, 2016 at 8:58 AM, Thuban <thu...@yeuxdelibad.net> wrote:
> Hello,
> I was wondering if packages for -release would be fixed if a security
> issue is found in one of these third party programs, which could be
> updated with pkg_add -u.
>
Officiall
is a bit weird, since updates do get published,
its just
that you also need to chip in with a bit of effort if your particular port
got a security
update in -stable. So the project can still be about security if it does
updates, even
if you can't just lean back and open your mouth and get spoonfed
On 19 Aug 2016, thu...@yeuxdelibad.net wrote:
> I was wondering if packages for -release would be fixed if a security
> issue is found in one of these third party programs, which could be
> updated with pkg_add -u.
It's a good question. I was quite amused to notice the juxtaposition o
Hello,
I was wondering if packages for -release would be fixed if a security
issue is found in one of these third party programs, which could be
updated with pkg_add -u.
Or does someone has to stay up to date and usr ports to upgrade each
single package on his system to follow -stable
https://techcrunch.com/2016/08/04/apple-announces-long-awaited-bug-bounty-program/
Any security researchers on the list?
If you're interested in supporting OpenBSD, Apple might match the bug
bounty toward a certain Canadian not-for-profit foundation.
At first I though it was spam, then I notice it was addressed to misc. Oh, okay.
Hello,
This has been repeatedly advertised over the last few weeks;-
http://www.JobServe.Co.UK/Eo4Sa
I've no connection with it, or the agency,
but it might be somebody's cup of tea.
Usual British hours are 37.5/week, ~30 days paid holiday & monthly pay.
irectories follow the same pattern as the
directories, I'd say so.
>
> Johan
>
>
> > 30 juni 2016 kl. 19:54 skrev Alexander Hall <alexan...@beard.se>:
> >
> > On Wed, Jun 29, 2016 at 09:37:36PM +0200, Stefan Sperling wrote:
> >> On Wed, Jun 29, 2016
Johan
> 30 juni 2016 kl. 19:54 skrev Alexander Hall <alexan...@beard.se>:
>
> On Wed, Jun 29, 2016 at 09:37:36PM +0200, Stefan Sperling wrote:
>> On Wed, Jun 29, 2016 at 08:15:35PM +0200, Johan Tärnklint wrote:
>>> Seeking advice / security tips.
>>>
>>
On Wed, Jun 29, 2016 at 09:37:36PM +0200, Stefan Sperling wrote:
> On Wed, Jun 29, 2016 at 08:15:35PM +0200, Johan Tärnklint wrote:
> > Seeking advice / security tips.
> >
> > Is it safe to create /var/www/htdocs/user1 and symlink to their home
> > folder?
> >
On Wed, Jun 29, 2016 at 08:15:35PM +0200, Johan Tärnklint wrote:
> Seeking advice / security tips.
>
> Is it safe to create /var/www/htdocs/user1 and symlink to their home folder?
>
> Then set permissions to user1:www on /var/www/htdocs/user1 ?
>
> Does it break the chroo
Seeking advice / security tips.
Is it safe to create /var/www/htdocs/user1 and symlink to their home folder?
Then set permissions to user1:www on /var/www/htdocs/user1 ?
Does it break the chroot? Is it safe? Better solution?
New OpenBSD user and very happy.
Thanks in advance.
Johan
ystems as they
often require many PHP functions and often think of security as an after
thought.
--
KISSIS - Keep It Simple So It's Securable
Hi David,
On 2016-04-27 Wed 00:54 AM |, David Lou wrote:
>
> a blog. Honestly, for now I just want a piece of the web that I own,
> where I can just post whatever I want. It could just be that I have
> something I want to share with friends or colleagues, and I can
> direct them to a URL that
Hi David,
On 2016-04-27 Wed 00:54 AM |, David Lou wrote:
> Instead of a comment section, which seems
> like a headache, I'll just replace it with an email address so a
> reader can reach me if he/she really wanted to. Though I'm not sure
> what's the best way to prevent spam (or other ways in
Folks, move the cheap chat bazar to somewhere else, please.
I am pretty sure anyone is a blog expert those days. I damn hope you
will not bring in the Google Ad Sense program or other crazy thing
related.
Thank you.
> So, given all the feedback I got, I'm gonna adjust my proposed
> project a bit. It's just gonna be a web server, and a bunch of static
> content pages. You guys proposed many different solutions for these--
> I haven't had the chance yet but I'll need to assess which one I'm
> going to use
I
On 04/26/2016 04:47 AM, Erling Westenvik wrote:
$ pkg_info blogsum
I use(d) Blogsum, but last I looked it pulled in Apache 1.3. I tried
and failed to get it working under the new httpd chroot (too many Perl
dependencies). I have a better understanding of httpd now, but I've
lost
David Lou wrote:
> (btw, isn't the "built-in" httpd webserver just Apache? Google seems
> to tell me that they're synonyms)
Nope, Apache was bundled a long time ago and was replaced with Nginx,
which was replaced with httpd in July 2014. httpd is an HTTP server that
is developed in the OpenBSD
Hello,
Wow, thank you for all responses. I did not expect this many. You
guys are really helpful!
I had a feeling my original plan was too complicated. I appreciate
that you guys are pointing it out. Honest feedback is good feedback.
No need to spare any feelings if I'm doing something wrong. :)
> Anyway, if you wnat to add comments to a static site, you can host it
yourself instead of using Disqus.
Disqus is unfortunately Linux only due to Docker. There's an effort to port
Docker to FreeBSD but I haven't tested it yet.
Disqus, being Ruby on Rails, could be deployed like a conventional
On 2016-04-26 14:24, Kamil Cholewiński wrote:
On Tue, 26 Apr 2016, ra...@openmailbox.org wrote:
If you want to make a dynamic "web application" then consider using
ur/web [1]. The programming language itself protects against SQL
injection, XSS attacks, CSRF attacks.
I hate to bring the bad
set of requirements for a 1 man show.
You can abandon reading now & order it from a commercial support vendor.
> > I'm shying away from popular solutions such as WordPress because
> > (1) I'm not sure if it even installs on OpenBSD and more importantly
> > (2) I'm not convinced tha
Tue, 26 Apr 2016 12:36:32 +0200 Kamil Cholewiński
> On Tue, 26 Apr 2016, li...@wrant.com wrote:
> > Reality check, structured text presentation beats any sort of generator:
> >
> > [https://en.wikipedia.org/wiki/Lightweight_markup_language]
>
> I agree with using an LML, but
On 04/26, David Lou wrote:
When I say 'blog', I'm referring to a website that contains
essentially many pages of content. Each content page has attributes
such as title, date, category, tags, and so on. When a user browsers
this website, the content pages are served in a visually attractive
The thing you should ask yourself is "what do I really need?" before
installing a huge and useless CMS.
+1 for a static site generator. I use swx [1] on my own, its just a
markdown converter with some script to add rss feed, sitemap and so. But
there are so many.
There is also many small blog
On Tue, 26 Apr 2016, ra...@openmailbox.org wrote:
> If you want to make a dynamic "web application" then consider using
> ur/web [1]. The programming language itself protects against SQL
> injection, XSS attacks, CSRF attacks.
I hate to bring the bad news, but this language / framework has
because (1)
I'm
not sure if it even installs on OpenBSD and more importantly (2) I'm
not
convinced that it adheres to the OpenBSD principles of correctness and
proactive security.
Hello, and welcome.
A static website generator is a safe bet. You can use bashblog or any
similar alternative
If I'm not mistaken Obama used Jekyll (https://jekyllrb.com/) for his
campaign.
--Murk
-- Forwarded message --
From: Kristaps Dzonsons <krist...@bsd.lv>
Date: Tue, Apr 26, 2016 at 2:10 PM
Subject: Re: Creating a blog using OpenBSD: technology choices and security
consider
FWIW, I use my own http://kristaps.bsd.lv/sblg all the time. It just
knits together HTML (XML style) articles via a Makefile. No python or
markdown or any crap. Not sure if it's in ports yet. (I think A.
Bentley had one?)
Hi David:
I'd recommend you using a static content generator like pelikan (which
is in ports). The generator is written in python but the content is
static.
Regards.
Pablo
On Tue, Apr 26, 2016 at 12:54 PM, Murk Fletcher
wrote:
> Hi!
>
> Both Perl and PHP are dying
> This is infantile, and stupid beyond acceptable. [...snip...] Bullshit.
Usually when people get this emotional it's because they either a) spent
their entire lifes learning one of these obsolete languages and are now
getting defensive, b) never actually built anything that people want to use.
301 - 400 of 1391 matches
Mail list logo