Hacker News new | comments | show | ask | jobs | submit login
Xorg can now run without privilege on OpenBSD (undeadly.org)
137 points by protomyth 970 days ago | hide | past | web | 79 comments | favorite

I want to like OpenBSD. I'm so happy about openssh and like the whole mindset, philosophy. Or so I thought.

Recently (like, weeks ago) I investigated the big three BSDs for a small mail server project. OpenBSD was the first thing I looked at, I was especially interested in opensmtpd. Looking for documentation I stumbled upon [1] (note: Same aggregator, same domain. I consider that 'The canonical source for OpenBSD').

So that article praises the features of opensmtpd and then shows how to implement a filter. With this:

/* block idiots */ if (! strcmp(p->domain, "0pointer.net")) { filter_api_reject(id, 530, "You're not welcome, go away !"); return; }

At that point I shook my head in disbelief, labeled the author as person I don't want to read from again and moved on to NetBSD (and FreeBSD, still not sure with which one I'll go). OpenBSD's obviously for more elite persons and ad hominem attacks in random samples are .. I don't know. Funny? Cool with the users/the project? The Right Way™?

That project has lots of attitude problems.

1: http://undeadly.org/cgi?action=article&sid=20130130081741

"This person said something I don't agree with[1], therefore they're an idiot." isn't nice, but it's also not ad hominem. Ad hominem is the other way around: "This person is an idiot, therefore I don't agree with them."

[1] http://bsd.slashdot.org/story/11/07/16/0020243/lennart-poett...

Thanks a lot for correcting me.

I still doubt that 'I consider that guy an idiot' is a reasonable thing to write in an article about smtpd filters. And _technically_ I question the example for blacklisting a whole domain, while the 'idiot' is probably just one guy (and for all I know, he might share that domain with friends or family).

If someone says something (arguably) stupid, the reaction isn't to write something utterly braindead in response. At least not among adults. Plus, 'I think BSDs are holding us back' (or even: 'BSDs suck!' if you want to condense that and distill it a bit) is targeting a family of operating systems, that example code/comment targets a person. That's just .. socially awkward at best, if we're friendly.

'I consider what this person subtly implied once as breaking an arbitrary set of rules I've constructed in my head and therefore will disregard their past and future work' -- this sounds a lot more childish to me than subtly calling Lennart an idiot due to him doing things one would consider idiocy.

And if you think someone is an idiot, there aren't ways to communicate that without calling them an idiot. If you can't call them an idiot, you can't speak of their actions as idiocy and in the end you can't communicate your thoughts, which is as good as not having them in the first place -- we enter a newspeak kind of situation.

It may be due to all the years spent on 4chan and the experience developed thence, but at some point it falls on you as a listener to actually listen to what a person is saying rather than how they're saying it, or getting your knickers out of alignment due to a tongue-in-cheek comment.

I've known Gilles (opensmtpd author) personally for close to 10 years. This is just his kind of humour.

That you might not find it funny, I get. But dismissing all the work that has been put on this project because of what your perceive as attitude is like you not using OpenSSH because you don't like Theo de Raadt.

Thanks a lot for sharing that. Without personal knowledge like yours a text medium (sans explicit "jk" or /sarcasm tags) is hard to parse right.

I'm not dismissing all the work, I just decided that I've to move on. The project (we're talking opensmtpd here?) very well might be great. This was just a crappy first impression. No hard feelings, no rage or whatever - it seems people think I feel much stronger about this than I actually do.

I was disappointed, consider this distasteful/low (see elsewhere in this thread: I certainly get that humor's different and context matters), decided that for me, personally, this isn't cool and moved on.

I really feel sorry for sharing this here by now, though. It was something that immediately came back to me when the OpenBSD headline came up, I found it worth commenting/sharing and now I started a big thread of .. noise. I'll make sure to remember this outcome next time I'm feeling the urge to post a rather unrelated/negative piece like this.

> like you not using OpenSSH because you don't like Theo de Raadt

It looked to me like people do this sort of thing all the time? This happens even in non-tech scenarios (e.g. not reading an author's works because you don't like his politics, even when the work itself is non-political etc)

>That project has lots of attitude problems

I believe you have the attitude problem. How did you survive reading Phrack, early 2600, Linux kernel mailing lists or IRC if this tiny example of "block idiots" offends you. It wasn't even directed at you, it's just an example in a dev journal. This undeadly post is internal dev stuff on the mailing list, not the actual end user documentation which is the official man pages, that's where all the up to date and complete documentation is. Most of the humor is also European, so some Germans joking around on the pf or SMTPD mailing list may also offend you with their weird humor.

OpenSMTPD also works on Linux/MacOSX but I imagine the emails and actions of Steve Jobs or Torvalds might also offend you so better steer clear of both those projects. Better avoid GrSec/Pax twitter account too. Stallman has also said some pretty inflammatory things so the whole Gnu platform is off limits. I recommend installing MS Feelings 2.0

Absolutely agreed.

It seems that some people won't be happy until all human interaction is mediated through vapid, inoffensive office-speak.

Also, the offending example is to block malicious API use, while I'm sure spammers have feelings too they will most likely survive this stinging automated reject message.

It's funny you mention this. On the actual OpenBSD installation, if a non-privileged user tries to login and fails (bad password etc..), the error message is "Are you on drugs?"

No, seriously, that's the actual error message. I just double-checked in 5.4 and it's still there.

OpenBSD, for many reasons, is definitely an acquired taste in both configuration and documentation for said configuration. There are a lots of technical points that make it a great OS.

They're still only technical points, though.

Edit: Correction, it's not on initial login. Only on sudo. The rest of the list : https://github.com/toddfries/OpenBSD-usr.bin-patches/blob/ma...

Hmm.. Humor's a special thing. I actually like those. They insult the user (me) for doing something stupid or wrong. Classy? Probably not. But fair game in my world.

"Hey, see this nice smtpd we created? Here's how you blacklist the domain of a Linux guy we like to make fun of/blame for everything wrong in the world" is .. childish. But again, sense of humor is certainly something that is open for interpretation and all..

That’s only part of the list of insults. Sudo has more, and you can see them on any platform by setting “Defaults insults” in /etc/sudoers. See the sudoers(5) manpage.

Yes it's on by default in OpenBSD. This is the only distro I've used where that is the case. I think it's amusing. If you don't like it, turn it off.

I'm quite confused, you read a joke, which apparently you didn't like, on an unofficial (albeit heavily OpenBSD focused) blog, and that's a reason not to use OpenBSD? Isn't this almost the definition of an ad hominem argument towards OpenBSD? "I don't like something this person says so I won't use something he uses".

I used OpenBSD for years as a router on a Pentium with 32MB of RAM I got for free somewhere, and it was fantastic. It filtered all my traffic and ran Irssi with 8MB RAM to spare. It's an awesome operating system that I wish I had a good use for at the moment. PF was wonderful to work with. This seems like an absolutely ludacris reason to dismiss the system and I have no idea why it's the top comment on a thread about a interesting technical innovation. What is wrong with you people.

Well, when the owner of 0pointer.net steamrolls across the land with a new init system that takes over every aspect of the userland, and is Linux exclusive, I wouldn't be surprised to find OpenBSD developers a bit upset.

Calling BSD irrelevant probably didn't sit well with many of them. I do wonder what darklajid would think an appropriate response would be? Seems rejecting his e-mail after he called you and yours "irrelevant" isn't that hard to believe.

also, as others have pointed out, not ad hominem

So, we get one more post where the first comment is basically a negative comment with not one word about the submitted story.

Sorry about the negativity. Believe me, I never thought this would gather upvotes. I was actually blowing this out because I was really annoyed by that post and .. thought I'd take the downvotes for airing my opinion. This didn't turn out as I thought.. I really, really didn't mean to spit on the OpenBSD project (I said it, albeit not clearly enough: I like a lot about that project) and sit at the top of the comment list. Mea culpa.

"Calling BSD irrelevant" is, as I stated elsewhere, an opinion and targeting a family of operating systems. Retaliating with something that targets a person seems the kind of behavior you should've grown out of if you're writing (open)smtpd filters.

The technical part of the story sounds really neat. Didn't mean to slight that.

Why not post a link to the article you sited and then dump on it in the first comment?

The owner of the domain said "I recommend developers to try to hack with only Linux in mind and experience the freedom and the opportunities this offers you" and "I don't think BSD is really too relevant anymore"[1]. The example they gave in the article is pretty mild compared to the original statements. I would imagine the author was "was really annoyed by that post" and threw in a small jab. I have said quite a lot worse when someone has looked at the whole of my work and dismissed it as irrelevant. In fact, some of the harshest insults in open source seem to be calling code irrelevant or foolish wastes of time when so many love and put effort into it.

1) http://linuxfr.org/nodes/86687/comments/1249943 read the whole article and compare it to the one jab in the opensmtpd article

Forgive me, but I didn't understand your first sentence. That might either be a problem caused by us speaking a common but foreign language, or - if you're a native speaker - me not understanding what you're trying to say.

I understand what he said. I also agree that he's difficult at times and very opiniated. But sharing his opinion is fine. The article you link to? The QUESTIONS mention BSD first (go ahead, check it) and he speaks his mind.

Do I agree with what he says there? No, I actually migrate a couple of things from Linux to BSD this very moment. But you cannot seriously compare "Guy's asked about BSD, says he doesn't think it matters" to "So, there's this cool SMTPD we built. Let me show you some examples. We could totally build filters and instead of example.com we're going to filter 0pointer.net, you know? That idiot?".

That is NOT the same thing. Plus, that article was supposed to show of what you can do with opensmtpd. Filtering? Cool. Filtering because you feel slighted? Awwww... Poor kitty.

The author of that article very well might filter gazillion domains _on his very own server_, but for some public "This is how you can create your own filter" text you should use a neutral example. Or .. people like me might shake their head, sigh, be disappointed and move along and share their frustration elsewhere (like.. here?) a bit later.

"Forgive me, but I didn't understand your first sentence. That might either be a problem caused by us speaking a common but foreign language, or - if you're a native speaker - me not understanding what you're trying to say."

Well, I did grow up on a reservation in the US, so some of my speech might have some localisms, but English is my first language.

So, I will restate my first sentence: Why didn't you submit the link http://undeadly.org/cgi?action=article&sid=20130130081741 then put your opinion of the writer given his example as the first comment?

As to the rest, the questions in the article mention BSD because of his previous statements that others in this thread have linked to. He has stated those opinions strongly without prompting by making proposals.

Judging a whole OS by one guy's article is pretty poor. I assume you boycotted Linux over the "monkeys"[1] comment since that seems much worse than this one example came from the lead of the whole project?

1) http://article.gmane.org/gmane.linux.kernel/706950

Thanks a lot for the first part/explanation. The answer is nothing spectacular: Because it didn't came to my mind. When I stumbled upon that post I didn't submit it anywhere. I recalled that post when this 'OpenBSD' headline turned up.

Again, submitting 'So I think this isn't nice' never came to my mind and adding this here was (ignoring attributes like 'useless' etc) a spontaneous 'You know what I recently found?' kind of comment. This was blown way out of proportion by now. My bad.

It's all posturing.

This is a common problem that people have; they read what's easy, rather than what's relevant. If you really want to learn about the BSDs, you have to read through the source code. If you go by what people write in blogs, all you're getting is someone's opinion, not what will actually run on your machine.

Finally, an OpenBSD tutorial using strcmp? I believe they spell it strlcmp.

OpenBSD has lots of fine documentation. Read the man pages they aren't generally useless like the gnu ones.


How possible is it that this is sarcasm or just a joke?

I know HN likes to pretend it can't ever read between the lines, but, seriously, are there even remote odds that that snippet you quoted is actually expressing deep feelings of superiority?

You might be totally right. In that case I'm prepared for an apology.

That said, even here (mostly OS X/Linux as far as I can tell) there's Lennart bashing everywhere. Check a random systemd thread, you'll find lots of that. Expecting a friendly jab in some random text about the opensmtpd features (not related to _anything_ that is usually blamed on Lennart, funnily enough) is .. unlikely.

My reaction is based on my belief that it is much more likely to see these low punches instead of "Hey, I made a friendly joke about the domain of this Linux dude I'm cool with".

Bottom line: Sure, you might totally be right, I might be the jerk here and take everything the wrong way. So far I still don't believe that and consider that less likely.

I've recently came across this: http://bsd-geek.de/FreeBSD/NO_POETTERING.patch

I don't know (and doubt) if it got merged into FreeBSD, but it shows that lots of people just hate him.

I don't really see any hatred there.

Software he has been significantly involved with has caused problems for a lot of people in the past. The recent strife and disagreement surrounding systemd surely hasn't helped the situation.

If somebody has had bad experiences with multiple software systems developed by a particular developer/project/organization, it's totally understandable why they'd want to avoid that developer's/project's/organization's software in the future. Nor is it unreasonable to want to protect oneself in such a manner. Furthermore, this can be the case without holding any sort of hateful emotions toward the developer/project/organization in question.

Do you have a better name for such a flag that may not involve his name directly? It does seem like a very descriptive name for what it does, even if some people may incorrectly interpret it as being "hateful" or something like that.

I hate him because I had to spend some time fixing my sound, which had been working fine before, not for personal reasons. I don't think I'm being unreasonable.

Hating somebody for writing free software is not anywhere near reasonable. He never forced you to use it.

Read lmm's comment again. His dislike clearly arises from the problems this software has apparently caused him in the past.

I don't think it matters if the software in question is open source or closed source, or if it was obtained for free or paid for, or how the developer was compensated, or if it were developed by an individual or an organization, or why lmm had to use it in the first place.

Causing people unnecessary grief will invoke a negative reaction. That's perfectly understandable, and quite reasonable.

The main problem was that a particular popular distribution made PulseAudio its default audio system before it was ready for that, and did a bad job integrating and testing it.

That wasn't Lennart's fault. PulseAudio is a really mature and stable system now.

I disagree. PulseAudio is a prime example of Lennart confusing an issue that is fairly specific to Linux to an issue general to Unix. Other Unixes have solutions to the problem of a limited number of audio channels; in such places, PulseAudio only adds needless complexity. Had Lennart instead worked with the people of the Alsa project to improve it, we wouldn't have had any of the problems we saw with pulseaudio, and we wouldn't have yet another layer to deal with in handling audio.

He aggressively promoted it and got downstream applications and distributions to adopt it, no?

Wow. Well, that doesn't seem to be part of the FreeBSD ports tree as far as I can tell (at least not in this snapshot here).

What a sad idea..

Could you explain exactly why that triggered so much outrage for you?

(As it turns out, this doesn't meet the definition of an ad hominem since there is no attempt to invalidate any arguments from "0pointer.net".)

> moved on to NetBSD (and FreeBSD, still not sure with which one I'll go)

Generally, FreeBSD will perform better for servers and offers a larger feature set than the other two. NetBSD aims for maximum portability, and OpenBSD for security. Therefore I typically recommend FreeBSD for servers, OpenBSD for routers and NetBSD for playing around on oddball hardware.

> OpenBSD for security

I dunno, I hear this a lot. Sure OpenBSD has created and implemented some (often very bleeding edge) hardening features, but nothing that hasn't seen the light of day in something like GRSecuriy.

But the lack of other security layers and constructs seem puzzling to me. No RBAC-based system like selinux? No attempt to secure the supply chain until very recently with package signing? Chroot functionality inferior to something like FreeBSD's jails?

Not to mention that many services you would deploy an OpenBSD server for are provided by ports and not the base system, forgoing the strict auditing that OpenBSD provides.

I think for anything besides a standalone router or mail/DNS server you're probably better off looking at other general purpose operating systems like FreeBSD or Linux.

I should note here that I've used various BSD's for various jobs over the years, including OpenBSD. I enjoy using it and never had any troubles with it. I would still consider it for uses that don't require much stepping out of the base system.

I asked your questions on the OpenBSD mailinglist, got these replies:



I use FreeBSD for our Samba / home directory server (ZFS), but use OpenBSD for mail, dns, and the router.

OpenBSD is run by Theo de Raadt, who is famous for being a more acerbic version of Linus Torvalds.

I always wondered if he has half the skills of Linus when it comes to programming. But since I don't have the means to measure them (both geniuses in their own field), I just tend to speculate about it :-)

You don't need to run OpenSMTPD in order to get Xorg to work, of course. Also, OpenBSD is just the operating system. You can run whatever MTA you want.

Just a reminder, this thread is about Xorg running without privileges on OpenBSD -- an amazing feat!

What is that suppose to mean? NULL pointer bugs are the realm of idiots?

Is there a more troubling reference in here that I just don't get?

That's Lennart Poettering (pulseaudio/systemd creator)'s personal domain.

0pointer.net is the website oft Lennart Poettering of pulseaudio and systemd fame.

It's Lennart Poettering's website.

undeadly is most definitely not the canonical source for openbsd. Just read the man pages.


Hey, nousernamesleft, you've been hellbanned. Your most recent posts are showing up as dead.

and still, it was totally worth it and I would do it again :-)

Funny how they use the word "idiot" then use strcmp instead of strncmp for comparison.

Since they're comparing against a literal string, which is guaranteed to be NULL terminated, what's wrong with that?

Apparently it is safe


However, some people may have the temptation of, when changing the code, replacing it with a non-literal string, or, in a rare case, there's a memory corruption affecting the literal string making it lose the null-termination.

so there's a bug if someone is tempted to modify it and break otherwise correct code ?

i'd be tempted to say that we can apply the same logic to about 100% of code ever written.

Not a bug, but some warning comment might be useful.

Choose OpenBSD for your Unix needs. OpenBSD -- the world's simplest and most secure Unix-like OS. Creator of the world's most used SSH implementation OpenSSH, the world's most elegant firewall PF, and the world's most elegant mail server OpenSMTPD. OpenBSD -- the cleanest kernel, the cleanest userland and the cleanest configuration syntax.

<strike>No</strike> Only <strike>1</strike> 2 remote root holes in the default install.

Are you implying this is a bad thing? What other operating system can claim even just an order of magnitude more holes? 2, in what, over a decade? That's incredibly good.

The problem is that the default install doesn't do much. It's almost like saying that MS-DOS is secure because networking is not working by default.

The default OpenBSD install ships with plenty of software. It comes with pretty much everything but graphical web browsers that the devs use. It includes web and email servers, opensshd and openntpd, openldap, gnome, etc. It's a system fully functional for many purposes.

Very little of that was enabled in the default install. The no vulnerabilities claim rubbed a lot of people the wrong way. Sometimes things were patched that could have been remotely exploitable, but not called vulnerabilities because nobody checked when bugs were fixed.

Even so, I still I really like OpenBSD. I'm glad they finally got started with code signing. This work on Xorg is fantastic, although I can't see the point of running Xorg on OpenBSD.

Wish OpenBSD had better SMP support and ZFS.

Is this true?

Not necessarily.

Only two has been discovered, but how many there really is?

Actually, Theo is a mole working for the NSA and he's throughout the code that looks clean, he has hidden loads of backdoors and weak crypto…

And because the coders and security consultants reading OpenBSD's source code spend so much time laughing at the jokes in the comments, that they just don't notice the hidden evil!

But Ssh! don't tell anyone the door is opened! :-D

It's funny you joke about that...

The alleged FBI backdoor in OpenBSD's IPSec implementation:


It is from December 2010. In regards of the Snowden revelations have any of the backdoors been found since?


OpenSMTPD is great for people who need a basic MTA. The configuration is not voodoo and the man pages are good.

In 2006 one of my teachers, Mr Etiemble, told us about a paper he's participated in to illustrate that no matter how good the security models can be at each level of abstraction, it only needs one piece of code that uses a vertical design to make the overall layers of security models worthless…


N.B.: That article is really worth a read!

And then, as one could have expected at the time, TdR had a really strong reaction on the matter (can't find the e-mail for reference), saying that OpenBSD is anyway secure, except if you want to have "modern accelerated graphics" (or something less subjective, that's iirc)…

…and here we are eight years later, to finally have the OpenBSD guys show off they've done it. I don't know if that should bug me they needed 8 years to patch that bug that was not really one (as per Theo) or if I should be amazed by the work done to secure that incredible mess that is Xorg :-)

cheers and gg, guys!

Great accomplishment! Congratulations to OpenBSD folks!

Do they block access to advanced features of the video card?

Can't a video card DRM read any memory on the system?

Presumably there's still some portion of the graphics driver that has to live in the kernel, or otherwise use privileged operations to talk to the hardware. But that driver is a lot smaller of a surface to secure than Xorg, which is a much larger codebase with many complicated moving parts.

Users of a video card should be able to do so securely: Look at something like WebGL, where many of a graphics card's features are exposed to the web, which is very much untrusted code.

I imagine they would have a kernel driver that receives requests from the unprivileged X.org, sanitizes them, and sends safe requests to the hardware.

I think you mean DMA, not DRM.

In the context "DRM" doesn't make a lot of sense, I do thing the OP means "DMA" here. DRM is an API, it doesn't "read" anything. DMA, however, does.

Either way, I learned about a new thing!

Don't forget to donate:


Thanks! :)

FYI - the systemd project got a similar thing working on Linux a couple of weeks back. I think Wayland/Weston already leverages systemd to run without privileges.

Part of the whole discussion on why systemd was much more forward looking than anything else on Linux.

[1] https://plus.google.com/+DavidHerrmann/posts/ggK1tStCvJH

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact