The statement holds true though (well, I trust it does, I can't verify). They're "bragging" about holes, or lack thereof, in their software, not third party software. It's a matter of personal preference how much needs to be added to a base install to make it good for your use. I use complete base installs as routers, so I suppose one's need for additional software is relative to the intended use.
On Thu, Apr 3, 2014 at 7:04 PM, Martin Braun <yellowgoldm...@gmail.com>wrote: > As we all know on the front page of OpenBSD it says "Only two remote holes > in the default install, in a heck of a long time". > > I don't understand why this is "such a big deal". > > A part from the base system in xBSD, OpenBSD - so far - also contains a > chrooted web server, that can't be used for much else than serving static > content, and then the X system, which also can't be used for anything > before installing some third party application. > > All in all the default install is pretty useless in itself and I am going > to quote "Absolute OpenBSD" by Michael Lucas: > > «You're installed OpenBSD and rebooted into a bare-bones system. Of > course, a minimal Unix-like system is actually pretty boring. While it > makes a powerful foundation, it doesn't actually do much of anything.» > > So we need those third party applications to start the party, yet none of > these applications receives the same code audit, security development and > quality control as OpenBSD does. > > As soon as we install a single third party application our entire operating > system is, in theory at least, compromised as these third party > applications gets installed as root. > > Maybe I am just plain stupid, but could someone explain to me the point in > "bragging" about only two remote holes in the default install, when the > default install is useless before you add some content to the system, > unless you're running a web server serving static content only. > > Best regards. > > Martin
