Maybe the company that prints the CD's has become faster?
The release was tagged 10 days ago, and I believe previously the reason for the delay between the tagging in CVS and the actual release was due to the speed of which CDs/DVDs could be pressed.
Basically if a usermode process is compromised on OpenBSD 6.0, there will be less system call surface area for attackers to hit.
This leaves the vast majority of OpenBSD users more secure.
As someone who's used OpenBSD daily as a primary desktop OS, usermount will force me to use doas(1) (the replacement for sudo) to mount external media on my desktops/laptops. No big deal. Honestly, I usually do that anyway, just force of habit. Checking my systems, I only set kern.usermount on my daily-driver laptop, and none of my other OpenBSD boxes.
None of the other changes impact anything I do on a daily basis. I haven't used Linux emulation since 2006 or so, and even then, it was a gigantic pain in the ass. The devs have a native virtual machine hypervisor in the works that I was hoping would be ready for prime-time in OpenBSD 6.0. I doubt it'll be ready that soon. This will provide a better option than the old Linux emulation layer.
Hotplugd is crazysauce. So much you can do with it. Toad claims to need kern.usermount so it won't work with a default install, and will be toadally broken once this option is removed in OpenBSD 6.0. I can't speak for all OpenBSD users, but I just end up putting my sd-card reader (which sees most FAT formatted cards at sd1i) and the first available USB external drive (again, usually sd2i for FAT) in my /etc/fstab and call the mount with doas.
'toadally broken' indeed, I'm hoping that Antoine Jacoutot will come up with a clever work around. That or xfce4-mount-plugin I suppose with doas and a limited permission to run mount without a password.
> Among the "security improvements" that they have listed we have:
>
> - Remove systrace. - Remove Linux emulation support. - Remove support for the usermount option.
Systrace was used in sandboxing applications before pledge existed. Pledge has
now made this defunct so it's being removed.
The Linux emulation support was seldom used in OpenBSD, so it's being removed.
The usermount option was found to expose bugs which users with this option could
cause the kernel to panic, so it's being removed.
gcc 4.9.3 is more than a year old at this point; I would love to use OpenBSD but it's hard to give up the creature comforts of the 5.x branch. Anyone know why, even in a release in which gcc gets upgraded, it gets upgraded to an old version?
It's not being updated at all. You are looking at the version in ports. This can be updated to a GPLv3 version (as 4.9.3 is a GPLv3 version) just fine. I don't know why it isn't; perhaps there's some porting problem and no or little demand. The version 4.9.3 is the same version that was present in OpenBSD 5.9 and probably several releases back. The system GCC is 4.2.1 plus OpenBSD patches. It has been for some time. This will not be updated to a GPLv3 compiler.
I believe there are some C++ ABI issues related to GCC 5x that make it challenging, supposedly other systems stuck with GCC 4.9 for awhile because of it.
Just curious if OpenBSD plans to continue to use the old gcc 4.2.1 or migrate to LLVM or even GCC 5.1. I can imagine the later is not compatible due to the license.
It's difficult because GCC is pretty buggy, which makes it hard to follow recent stable releases. In addition, OpenBSD has a lot of exploit mitigations in their branch of the compiler which will take considerable effort to port to LLVM.
The "old" compiler is for compiling the base system and xenocara. There are gcc4 and clang packages available. Some packages are build using those more modern compilers.
I.e. Chromium is build with clang (3.8) if I'm not mistaken.
39 comments
[ 2.7 ms ] story [ 94.4 ms ] thread- Remove systrace. - Remove Linux emulation support. - Remove support for the usermount option.
What impact will this have on OpenBSD users?
None of the other changes impact anything I do on a daily basis. I haven't used Linux emulation since 2006 or so, and even then, it was a gigantic pain in the ass. The devs have a native virtual machine hypervisor in the works that I was hoping would be ready for prime-time in OpenBSD 6.0. I doubt it'll be ready that soon. This will provide a better option than the old Linux emulation layer.
http://ports.su/sysutils/toad
doas mount /sdcard
Not that big of a deal.
'toadally broken' indeed, I'm hoping that Antoine Jacoutot will come up with a clever work around. That or xfce4-mount-plugin I suppose with doas and a limited permission to run mount without a password.
Systrace was used in sandboxing applications before pledge existed. Pledge has now made this defunct so it's being removed.
The Linux emulation support was seldom used in OpenBSD, so it's being removed.
The usermount option was found to expose bugs which users with this option could cause the kernel to panic, so it's being removed.
That all seems pretty sane to me.
I guess the "1 hour ago" next to his username might have confused you :)
This means they rely on "old" compilers to compile "old" C code from the base.
I.e. Chromium is build with clang (3.8) if I'm not mistaken.
http://marc.info/?l=openbsd-misc&m=137530560232232