Quote:
|
They claim only two remote holes in the base install, which is great, but as outlined in two cases above, once the server adds additional software such as a newer Apache or something else, those claims become less relevant. And what they do for security, which at one time may have been cutting edge (ProPolice, W^X), other OS's have adopted them too.
|
To add to it (I haven't used OpenBSD very much), they encourage the use of binary packages, but they don't update them until the next release (or running -current, which you wouldn't do on a server). The index doesn't show anything changed past February 13th.
Granted, the same thing is there on the FreeBSD release packages, but you at least have the option with ports or tracking -stable.