Hello all, I'm new to the mailing list so feel free to yell at me if I messed something up here.
I currently use OpenBSD on my laptop for a number of reasons, mainly performance and hardware support. However, I have been considering setting up a multiuser POWER9 box for some Discord friends and I to work on in a hobbyist setting (these things are expensive and I'm the one who currently has the machine we want to work on), but need to know if OpenBSD is a good option for that. As it apparently lacks mitigations for multiple medium-risk hardware side channel attacks, I think it is important to ask: What does OpenBSD do to stop an unprivileged user with access to a compiler or shell from copy-pasting a proof-of-concept exploit to siphon e.g. SSH private keys, root passwords and the like, or are these more difficult to exploit than I give them credit for with things like (K)ASLR enabled? Thanks, - Dave
