| ▲ | ch_123 3 days ago | |
Most of the security guarantees are made about the base install of the OS, which is mostly code which the OpenBSD team maintains and develops. The code in ports is mostly subject to the same security issues that exist elsewhere, except where facilities of OpenBSD block them (or the code has been patched by the port maintainers). | ||
| ▲ | anthk 3 days ago | parent [-] | |
A lot of ports are pledge/unveiled; and there are malloc settings which don't let rogue/badly written operations misbehave as they would do in the rest of BSD's or any GNU/Linux distro. https://man.openbsd.org/OpenBSD-5.3/man5/malloc.conf.5 Hint: https://richardlupton.com/posts/openbsd-malloc-options/ Detox might crash. A lot. | ||