>If software has a bug, you want to fix it. You don't want to keep running it.
That's sensible, but if money or lives were on the line, I think It'd be better to have a running but potentially vulnerable service. For my use case, this is completely acceptable, I'm just curious about the implications for others. On 10/12/17, Theo de Raadt <dera...@openbsd.org> wrote: >> Perhaps I'm mistaken, but it doesn't seem like there's a facility for >> automatically restarting daemons after a crash or similar. Is the idea >> just that daemons should be designed to not crash? > > Yes. Fail closed. It is the only secure thing to do. > >> I'm familiar with 3rd party tools like daemontools and such that >> provide these facilities, but I can't find anything on this for native >> OBSD services. > > You can build anything yourself, but we're not going to provide such > a mechanism. > > If software has a bug, you want to fix it. You don't want to keep > running it. > > Yes, I get it many people are addicted to the service industry model > of running crap and getting the job done. Lots of stories in the news > about that all the time... >
