- cross-posted to:
- unix@sh.itjust.works
- cross-posted to:
- unix@sh.itjust.works
This is the best summary I could come up with:
One of the biggies is very specific and quite niche, while the other is something that would be seen as a major improvement on more mainstream OSes, but which for this project barely merits a mention in the release notes.
The Reg FOSS desk has worked in at least one company that mandates full-disk encryption for all staff computers, although our own personal perspective is more along the lines of XKCD 538.
This works alongside the existing pledge(), which places strict restrictions on which OS system calls a particular binary is allowed to access.
For the technical details, project lead Theo de Raadt posted the backstory in late 2023, with a small update last January.
There are other changes and refinements in this release, including tweaks to the pf firewall, refreshed graphics drivers imported from Linux 6.6.19, a new console font, IPv6 support over PPP, and improved performance on multicore computers.
(We found various more complex ways, such as copying the OpenBSD bootloader to a Linux partition, but the method in the link above was the simplest and it worked fine.)
The original article contains 1,033 words, the summary contains 181 words. Saved 82%. I’m a bot and I’m open source!