
Why OpenBSD's Release Process Works 310

Posted by timothy
from the those-slides-are-a-bit-dense dept.
An anonymous reader writes "Twelve years ago OpenBSD developers started engineering a release process that has resulted in quality software being delivered on a consistent 6 month schedule — 25 times in a row, exactly on the date promised, and with no critical bugs. This on-time delivery process is very different from how corporations manage their product releases and much more in tune with how volunteer driven communities are supposed to function. Theo de Raadt explains in this presentation how the OpenBSD release process is managed (video) and why it has been such a success."

  • by Anonymous Coward on Thursday July 16, 2009 @06:46PM (#28724605)

    While OpenBSD does have an outstanding security record, with good design & separation of privileges, they aren't perfect.

    As they say on their website, "Only two remote holes in the default install, in a heck of a long time!" [openbsd.org]

  • Re:Summary? (Score:5, Informative)

    by tjohns (657821) on Thursday July 16, 2009 @06:48PM (#28724629) Homepage
  • Re:It works? (Score:5, Informative)

    by Troy (3118) on Thursday July 16, 2009 @07:49PM (#28725057)

    This is somewhat of an apples/oranges comparison. Linux proper is principally the kernel, while the development teams for most *BSD variants manage both the BSD kernel and the userland. While it may be the case (and I don't know for sure honestly) that there are no viable forks of the Linux kernel, that really doesn't provide a fair basis for comparison.

    I would suggest that a BSD variant (OpenBSD, FreeBSD, etc) is much more analogous to a Linux distribution than just the Linux kernel. When you frame it that way, I think it is safe to say that there is much more fragmentation in the Linux world than the BSD world.

  • Re:Summary? (Score:4, Informative)

    by girlintraining (1395911) on Thursday July 16, 2009 @07:56PM (#28725113)

    If everyone tests, the developers who are "sitting idle" are spending that idle time testing, no?

    It would be pointless to test prior to integration of all submitted components. From the time the first component is completed and submitted and the last, those developers can test, but it's not meaningful if the goal is to evaluate the integrated product as a whole.

  • Re:It works? (Score:5, Informative)

    by Anonymous Coward on Thursday July 16, 2009 @08:00PM (#28725131)

    The original BSD code base was maintained by UC Berkeley and was a bare bones system that was used as the basis for many industrial operating systems (e.g. SunOS). It was never meant to be a full fledged operating system for all usages, so different groups forked in order to target special niches. Similarly System-V would be considered forked (e.g. Solaris). Generally one considers both a base design, as neither were mature enough or managed in a way to solve all of the purposes that were spawned.

    386BSD was a port of 4.3BSD to x86 and when development ceased then NetBSD and FreeBSD were created simultaneously to continue development.

    It was only the NetBSD/OpenBSD clash that was a political/cultural difference. All others were natural progressions given the maturity of the industry, communication technology, and specializations required. The primary reasons that Linux became successful were (a) the BSD lawsuit, (b) IBM. The SVLUG was one of the earliest user groups and its archives cite members stating that they switched communities due to concerns at the time. Still, both were equally popular until IBM became involved in the late 90s promoting it with their illegal spray painting all over San Francisco. As IBM was a hardware company, the GPL was more attractive than the BSD license due to restricting competitors (Sun) from leveraging IBM's contributions. Before IBM's commitment and promotion of Linux, which was followed by other big vendors like SGI for similar reasons, FreeBSD was arguably more popular (e.g. it was adopted by EBay, Yahoo!, and other startups).

  • Wow, just wow. First, that is not a tantrum. Second, he is 100% correct. Trying to alter someone else's copyright notice is a gigantic legal fuckup. Third, all he asks is a lack of modification of copyright notice, no ass-kissing. Fourth, you are a troll.

  • Re:Summary? (Score:1, Informative)

    by Anonymous Coward on Thursday July 16, 2009 @08:36PM (#28725367)

    Well, if we're being pedantic, there is no value held by "most" of those numbers, since "most" requires that at least half have the specified property.

  • by Anonymous Coward on Thursday July 16, 2009 @09:39PM (#28725597)

    This is not just the kernel, it's all remote holes in the default installation. Meaning there have only ever been two (known) vulnerabilities whereby a vanilla install of OpenBSD can be compromised. With the exception of those two holes, any version of OpenBSD is still totally secure today.

  • Re:It works? (Score:4, Informative)

    by girlintraining (1395911) on Thursday July 16, 2009 @10:13PM (#28725751)

    I disagree. The "forks" from original BSD weren't really forks. They were Berkeley giving up on it and letting others take over.

    Berkeley "gave up" exactly once, in 1995. And it wasn't because they made room for others, but because of USL v. BSDi, a lawsuit that probably created the conditions for Linux to rise to power in the first place. Linus himself once said that had there been no legal ambiguity regarding the BSD code base, he probably wouldn't have started a completely new project from scratch.

    Second, since you may be unaware of what a "fork" means, it's simply a point where developers take the existing code and then begin independent development on it. With the exception of Minix and Linux, every UNIX-like operating system has its code base derived from the original Unics in some fashion. Every UNIX variant EXCEPT Minix and Linux has forks that trace back to that.

  • Re:It works? (Score:3, Informative)

    by pathological liar (659969) on Friday July 17, 2009 @12:12AM (#28726311)

    I've never heard that referring to anyone in the BSDs but Theo himself. When was the last time you heard complaints about NetBSD or the FreeBSD core team?

    Matt Dillon, before the FreeBSD -> DragonflyBSD split. I liked him, there were plenty of people who felt otherwise though. I don't pay attention to NetBSD.

  • Re:It works? (Score:4, Informative)

    by diegocgteleline.es (653730) on Friday July 17, 2009 @08:27AM (#28728725)

    Alan Cox hasn't really been an important figure in Linux for like 10 years.

    10 years? I disagree, it hasn't been that long, I'd say 5 or 6 years, since 2.5 started and akpm became the Linus' right hand. And while he has not been as active as he used to be, he still contributes quite frequently (50 changes in 2.6.30, 1032 in the last 10 versions), and he is quite active in the mailing lists. And the kind of work he does is not exactly easy, in the last year he has been fixing the tty locking, a long overdue task that not many hackers (if any) dared to do. He has also been a quite active libata/ide contributor (including new drivers), maintains the 8250 serial driver and edac related things, and sends patches that touch many other places of the tree. He has not the responsibility he used to have, but I wouldn't say he is not an important figure.

  • by skeeto (1138903) on Friday July 17, 2009 @09:41AM (#28729771)
    So the remaining life of BSD is in units of years squared?
