OpenBSD is a free Operating system of the type Unix, derived from 4.4BSD. Created in 1994 by Theo de Raadt, OpenBSD is resulting from separation with NetBSD, oldest of the three other principal operating systems of the family of the BSD today in activity. The OpenBSD project is famous for its intransigence on the freedom of the software and the source code, the quality of its documentation, and the importance attached to safety and integrated cryptography.

OpenBSD includes a certain number of security measures absent or optional in other operating systems. Its developers have as a tradition to carry out audits of code in the search of problems of safety and bugs. The project pursues strict policies on the licenses and prefers the license Open source BSD and its alternatives: in the past, this led to one exhaustive audit of the licenses and the replacements, to see suppressions of codes under licenses considered as less acceptable.

Following the example majority of the operating systems based on BSD, the core of OpenBSD and its user's programs, such as the Shell the usual and tools like cat and PS, are developed in a single deposit CVS. The third software is offered in binary packages, or can be compiled since their sources thanks to the collection of the ports.

OpenBSD functions on 16 different material platforms, in particular alpha, amd64, Armish, Hp300 (HP 9000 series 300 and 400), hppa, I386, Luna88k, mac68k, macppc (Power Macintosh), Mvme68k, Mvme88k, sgi, sparc, sparc64 (UltraSPARC machines), VAX, Zaurus. Architecture cats will not be supported any more after version 4.0. OpenBSD also supports the emulation of the binary SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX.

The project is coordinated by Theo de Raadt of its house with Calgary, Alberta, Canada, and the mascot of the project is Puffy, a moonfish.

History

Theo de Raadt was the cofounder of NetBSD, and member of the development team. In 1994, the team required of him to resign and its access to CVS was revoked. The reasons of this ousting remain dubious to date, but several other members of the team of NetBSD mentioned problems of relations with Raadt. It was in particular reproached to him for being unpleasant with the users by employing an aggressive tone on the lists of discussion of NetBSD.

Personality of Theo de Raadt

With the dires many other personalities of the free software, whose Linus Torvalds, that of Theo de Raadt is famous as being frank and difficult. Its catches of clear-cut positions cause conflict, and are sometimes regarded as wounding. De Raadt declared this in connection with the operating system GNU/Linux in an interview with the Forbes newspaper: “It is terrible Everyone uses it, and they do not realize at which point it is bad. And the users of Linux will be satisfied some and will pack it rather than to take retreat and to say " It is anything and would owe us there remédier". ”

Although its personality leaves seldom indifferent, the majority of the commentators agree to recognize in Theo de Raadt a talented programmer and a guru of safety. Its spontaneousness, that some appreciate, was illustrated in this conflict with the team of NetBSD, whose majority of the members keep still today silence on this episode. Contrary, Theo de Raadt answered all the questions which were asked to him, and placed at the disposal the exchanged emails and the logs of the living rooms of discussion with the team of NetBSD.

A forced resignation

Theo de Raadt was not excluded from the start of the NetBSD project. Deposit CVS of this project requires various levels of rights in reading and writing. As a cofounder and the second most active contributor, of Raadt had an access in reading and writing on the basis of system. The team of NetBSD then withdrew the possibility to him of directly sending modifications in the deposit, and of making these changes permanent. De Raadt was then constrained to send each one of its contributions by email to a member of the team for examination.

De Raadt regarded this measurement as abusive and vainly tried to recover a full access to deposit CVS of NetBSD. The development team wanting to make sure that her contributions would be “positive”, it proposed in Raadt several solutions among which a letter to be signed, summarizing the conditions, the rights and the duties of Raadt. After several months of arguments on the lists of discussion of the project, of Raadt resigned officially and created in 1994 the operating system OpenBSD according to version 1.0 of NetBSD, like authorized the license of it.

The creation of OpenBSD

After the creation of OpenBSD, each project tried to attract with him developers. Two quasi hermetic camps were formed quickly, and several developers of NetBSD followed of Raadt. This last realized that a certain number of emails and letters published on its personal Web site had disappeared. Although he formally refused to accuse members of the team of NetBSD, Theo de Raadt decided to examine the safety of NetBSD, that he judged defective.

Shortly after the creation of OpenBSD, Theo de Raadt was contacted by Secure Networks Inc. (or SNI), a local company of security software which developed a tool of audit of safety network named Ballista (famous in Cybercop Scanner after the repurchase of SNI by Network Associates), intended to find and try to exploit the possible security breaches of a software. This coincided with the clean interest of Raadt in safety: the two parts thus decided to cooperate, in a particularly beneficial relation which led to the publication of OpenBSD 2.3.

The safety and the audit of the code

This co-operation also made it possible the project to concentrate on a precise point: the OpenBSD developers should try to make what correct, clean and is made safe, even with the detriment of the facility of use, speed or functionalities. The faults of OpenBSD becoming detectable with more difficulty and exploitable, the company of safety ruled that the audit of code had become too difficult and not very profitable. After years of co-operation, the two parts agreed to think that their common objectives had been achieved and separated.

The argument of the low number of exploitable faults remotely

Until June 2002, the Web site of OpenBSD posted the following slogan:

“No security breach in the installation by defect in nearly 6 years. ”

In June 2002, Mark Dow of the company Internet Security Systems discovered a fault in the code of OpenSSH which implemented the authentification by question. It was the first vulnerability discovered in the installation owing to lack of OpenBSD which makes it possible an attacker to remotely reach the account superutilisator. The widespread use of OpenSSH at this time was at the origin of the gravity of the fault, which affected a considerable number of other operating systems. This problem required the adjustment of the slogan of the Web site of OpenBSD:

“Only one distant fault in the installation by defect in addition to 10 years. ”

This assertion was criticized because of the little of software activated in the installation owing to lack of OpenBSD, and the fact also that distant faults had been discovered after the publication of a version. However, the project insists on the fact that the slogan refers to the installation by defect, and that it is thus correct on this level. One of the fundamental ideas subjacent in OpenBSD is to conceive a simple system, clean and made safe by defect. For example, the minimal adjustments by defect correspond to the standard practice in computer security which consists in as activating few services as possible on the systems in production, and the project practices audits of codes considered as being important components of the safety of a system.

In March 2007, the discovery of a new fault in OpenBSD, being in pile IPV6, required the replacement of the slogan by:

“Only two remote vulnerabilities in the installation by defect, lasting more than 10 years! ”

Principal functionalities of safety

OpenBSD includes a great number of specific functionalities intended to improve safety, in particular:

• of the modifications of the API and the Toolchain S, such as the functions Strlcpy and Strlcat, and a checking of the Static bounds;
• of the techniques of memory protection to prevent the invalid accesses, such as ProPolice, StackGhost, and of the functionalities of protection of the pages memories W^X (W xor X), and of the modifications of Malloc;
• of the functionalities of Cryptography and generation of random random numbers, in particular by improvements of the layer network and the addition of the algorithm Blowfish for the figuring of the passwords.

The management of the privileges

To reduce the risk of a vulnerability or a misconfiguration allowing the usurpation of privileges, certain programs were written or adapted to use the separation of the privileges, the revocation of the privileges or the setting out of cage.

separation of privileges is technique, pionnière on OpenBSD and inspired of principle of least privilege, in which a program is divided into two or several parts, of which one carries out the privileged operations, and the other - almost always the remainder of the code - functions without privilege. The revocation of the privileges is similar and implies that a program carries out all the operations necessary with the privileges with which it was launched, then that it gives up these privileges. The put out of cage implies to restrict the environment of execution of a program to part of the filesystem, thus prohibiting it to reach zones which contain system files or private.

The developers applied these functionalities to the OpenBSD versions of the common applications, in particular Tcpdump and the Web server Apache, which is only one version 1.3 heavily modified because of problems of licenses with the series Apache 2.

Audits of code

The project pursues a policy of permanent audit of the code in the search of security issues, a work that the developer Marc Espie describes like “ever finished more one question of process that of research of a specific bug. ” This last produced a list of several typical stages besides to follow when a bug is detected, in particular the complete examination of the sources in the search of identical and similar problems, “trying to determine if documentation requires to be amended”, and while inquiring to know “if it is possible to improve the compiler to produce warnings on this specific problem. ” Following the example DragonFly BSD, OpenBSD is one of the two free operating systems whose policy is to seek code C with the traditional format pre ANSI, and to convert it into its modern equivalent ANSI. This should not imply changes of functionalities and is carried out only at ends of legibility and coherence. Standard of style, Kernel Normal Form, which dictates which must be the form of the code to facilitate its maintenance and its comprehension, must be applied to any code before it can be included in the basic operating system. The existing code is unceasingly updated to correspond to these conventions of style.

The name

The name of OpenBSD comes from the adventure NetBSD of Theo de Raadt, indeed CVS of NetBSD was not accessible to the official not-developers (only the releases were diffused), for its Fork, Theo de Raadt installed a waiter public CVS (everyone could reach the last sources of the project).

Mascot

Like the other BSD (FreeBSD and NetBSD), OpenBSD has as a mascot BSD Demon (alias Beastie ). It also has like clean mascot the Blowfish , alias Puffy . The latter is a reference to the cryptographic algorithm of Bruce Schneier of the even name (used inter alia by OpenSSH): its attractive graphics associated with the defensive aspect impressing of the Poisson-Lune roughcast points (the famous Fugu Japanese ) made it very popular. Each version of OpenBSD is accompanied by a piece of music as well as board of cartoon generally putting in Puffy scene. There recently exist derivatives of Blowfish drawn way Manga, Sushi Fugu and Harisenbon.

State of the project

OpenBSD is currently in version 4.2 (since November 1st, 2007).

The team carries out a version every 6 months.

The development team proposes the fact that the system was victim only of 2 exploitable security breaches remotely in the installation by defect in addition to ten years.

Note: according to the site undeadly.org, the OpenBSD project would undergo financial losses of about 20.000 $ per annum since 2004, that is to say a deficit rising with nearly 40.000 $.

Other projects

The team of OpenBSD also works on other projects which become parts with whole share of OS and which are also carried (or portables) on others Operating systems. Among these projects in progress, one can quote:

• OpenSSH : implementation of HS, communication protocol protected. It is the most known project of the group.
• OpenBGPD : protected implementation of the service of routing BGP.
• OpenNTPD : simplified and made safe implementation time service of synchronization NTP.
• OpenCVS : simplified and made safe implementation protocol CVS.
• the Fire wall and the software continuation Packet Filter, which is now integrated in the majority of the systems BSD.

Moreover, various Application program interface made safe, like strlcat (3), strlcpy (3), strtonum (3) or arc4random (3) is provided. These API is often included in other software or operating systems.