# Why FreeBSD lag behind in security against OpenBSD



## Zohaib Online (Feb 6, 2017)

OpenSSH, PF, LibreSSL etc are the things that are incorporated in FreeBSD that were made by OpenBSD developers. Why FreeBSD people dont make it their own versions especially for security things. Why letting OpenBSD people proud of the "most secure operating system on planet status" by getting theirs. Sorry about my wording but I like freebsd the most as it is complete OS with better documentation best community but just one thing when google openbsd "the most secure OS" I feel my FreeBSD somewhere lag behind in security thats why It is noton top of the list.


----------



## SirDice (Feb 6, 2017)

Zohaib Online said:


> I feel my FreeBSD somewhere lag behind in security


It's not.


----------



## ANOKNUSA (Feb 6, 2017)

Zohaib Online said:


> Why FreeBSD people dont make it their own versions especially for security things.



The English idiom for this is "re-inventing the wheel," and it is discouraged because it is a waste of time and energy. If a perfectly good solution to a problem exists, use it. If someone thinks they can do it better, they are probably wrong.


----------



## Zohaib Online (Feb 6, 2017)

Thanks


----------



## marino (Feb 6, 2017)

actually ANOKNUSA misunderstood I think.  He wasn't asking freebsd to make their own version, he was asking why freebsd didn't use the openbsd version.


----------



## ANOKNUSA (Feb 7, 2017)

Yes, I read "make their own" rather than "make it their own."  Sorry, my mistake.  With that in mind: I would bet that LibreSSL will be brought into the base system at some point. OpenSSH and PF aren't updated to the latest version because FreeBSD releases have a relatively long support cycle, while the attitude of the OpenBSD developers is that everyone should run the development branch of OpenBSD whenever possible, and immediately upgrade to the latest release when running -CURRENT is not possible.

I do think OpenSSH and pf should be as close to the upstream version as possible and as unadulterated as possible while maintaining long-term reliability. I think that's as reasonable as anyone can be.


----------

