Introduction to BSD

“Linux people do what they do because they hate Microsoft. We do what we do because we love Unix.”

– Theo de Raadt

About BSD

The history of BSD is linked with the history of Unix. The Unix operating system first emerged in the early 1970s and introduced a certain philosophy towards building operating systems. The Unix philosophy has withstood the test of time and can be observed in a whole range of operating systems, from the biggest mainframes to the smallest computing devices. Not only are Unix-based operating systems powering pretty much all of the internet in the form of web, name, mail, and caching servers, they also have an almost full monopoly on smartphones with Apple’s iOS and Google’s Android operating systems. A more in-depth description of the Unix philosophy can be found below.

The Unix Philosophy

The Unix philosophy has been described in multiple ways. What follows is a short version by Peter H. Salus and a more extensive version by Eric S. Raymond.

The short version:

  • Write programs that do one thing and do it well.
  • Write programs to work together.
  • Write programs to handle text streams, because that is a universal interface.

The longer version is:

  • Rule of Modularity: Write simple parts connected by clean interfaces.
  • Rule of Clarity: Clarity is better than cleverness.
  • Rule of Composition: Design programs to be connected to other programs.
  • Rule of Separation: Separate policy from mechanism; separate interfaces from engines.
  • Rule of Simplicity: Design for simplicity; add complexity only where you must.
  • Rule of Parsimony: Write a big program only when it is clear by demonstration that nothing else will do.
  • Rule of Transparency: Design for visibility to make inspection and debugging easier.
  • Rule of Robustness: Robustness is the child of transparency and simplicity.
  • Rule of Representation: Fold knowledge into data so program logic can be stupid and robust.
  • Rule of Least Surprise: In interface design, always do the least surprising thing.
  • Rule of Silence: When a program has nothing surprising to say, it should say nothing.
  • Rule of Repair: When you must fail, fail noisily and as soon as possible.
  • Rule of Economy: Programmer time is expensive; conserve it in preference to machine time.
  • Rule of Generation: Avoid hand-hacking; write programs to write programs when you can.
  • Rule of Optimization: Prototype before polishing. Get it working before you optimize it.
  • Rule of Diversity: Distrust all claims for “one true way”.
  • Rule of Extensibility: Design for the future, because it will be here sooner than you think.

History of Unix/BSD

Below is an image of the history of the various Unix-based operating systems.

[Image: Unix History]

Major BSD distributions

As shown in the graph above, Unix comes in many distinct flavours, and one of those flavours is the Berkeley Software Distribution, or BSD for short. One Unix operating system can be distinguished from other Unix-based operating systems by the license in use, the kernel (design), the user space tools, and ancestry. Accordingly, the various BSD distributions share a common ancestor, use a BSD kernel in one form or another, use the BSD user space tools (as opposed to GNU tools), and generally use the ISC or BSD license for the code they write. The specifics of some of the BSD distributions can be found below.

OpenBSD

The OpenBSD project produces a freely available, multi-platform 4.4BSD-based UNIX-like operating system. Their goals place emphasis on correctness, security, standardization, and portability.

Some reasons why we think OpenBSD is a useful operating system:

  • OpenBSD runs on many different hardware platforms.
  • OpenBSD is thought of as the most secure UNIX-like operating system by many security professionals, as a result of the never-ending comprehensive source code audit.
  • OpenBSD is a full-featured UNIX-like operating system available in source and binary form at no charge.
  • OpenBSD integrates cutting-edge security technology suitable for building firewalls and private network services in a distributed environment.
  • OpenBSD benefits from strong ongoing development in many areas, offering opportunities to work with emerging technologies and an international community of developers and end users.
  • OpenBSD attempts to minimize the need for customization and tweaking. For the vast majority of users, OpenBSD just works on their hardware for their application.
  • OpenBSD is mainly focused on security. This means that all other considerations like performance or convenience take a back seat.

FreeBSD

FreeBSD is an operating system for a variety of platforms which focuses on features, speed, and stability. It is derived from BSD, the version of UNIX® developed at the University of California, Berkeley. It is developed and maintained by a large community.

  • FreeBSD offers advanced networking, performance, security and compatibility features today which are still missing in other operating systems, even some of the best commercial ones.
  • FreeBSD makes an ideal Internet or Intranet server. It provides robust network services under the heaviest loads and uses memory efficiently to maintain good response times for thousands of simultaneous user processes.
  • FreeBSD brings advanced network operating system features to appliance and embedded platforms, from higher-end Intel-based appliances to ARM, PowerPC, and MIPS hardware platforms. From mail and web appliances to routers, time servers, and wireless access points, vendors around the world rely on FreeBSD’s integrated build and cross-build environments and advanced features as the foundation for their embedded products. And the Berkeley open source license lets them decide how many of their local changes they want to contribute back.
  • With over 24,000 ported libraries and applications, FreeBSD supports applications for desktop, server, appliance, and embedded environments.
  • FreeBSD can be installed from a variety of media including CD-ROM, DVD, or directly over the network using FTP or NFS. All you need are these directions.
  • FreeBSD is free.

NetBSD

The NetBSD Project is an international collaborative effort of a large group of people, to produce a freely available and redistributable UNIX-like operating system, NetBSD. In addition to their own work, NetBSD contains a variety of other free software, including 4.4BSD Lite2 from the University of California, Berkeley.

One of the primary focuses of the NetBSD project has been to make the base OS highly portable. This has resulted in NetBSD being ported to a large number of hardware platforms. NetBSD is also interoperable, implementing many standard APIs and network protocols, and emulating many other systems’ ABIs.

  • NetBSD provides a well designed, stable, and fast BSD system.
  • NetBSD avoids encumbering licenses.
  • NetBSD provides a portable system, which runs on many hardware platforms.
  • NetBSD interoperates well with other systems.
  • NetBSD conforms to open systems standards as much as is practical.

HardenedBSD

HardenedBSD is a fork of FreeBSD, founded in 2014, that implements exploit mitigations and security hardening technologies. The primary goal of HardenedBSD is to perform a clean-room re-implementation of the grsecurity patchset for Linux to HardenedBSD.

HardenedBSD has successfully implemented the following features:

  • PaX-inspired ASLR
  • PaX-inspired NOEXEC
  • PaX-inspired SEGVGUARD
  • Base compiled as Position Independent Executables (PIEs)
  • Base compiled with full RELRO (RELRO + BIND_NOW)
  • Hardening of certain sensitive sysctl nodes
  • Network stack hardening
  • Executable file integrity enforcement
  • Boot process hardening
  • procfs/linprocfs hardening
  • LibreSSL as an optional crypto library in base
  • Trusted Path Execution (TPE)
  • Randomized PIDs
  • SafeStack in base
  • SafeStack available in ports
  • Non-Cross-DSO CFI in base
  • Non-Cross-DSO CFI available in ports

BSD licenses

The licenses in use by the various BSD projects are very permissive and short enough to include in their entirety on this page.

3-clause BSD license

Copyright (c) <YEAR> <OWNER>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.
    * Neither the name of the University of California, Berkeley nor the
      names of its contributors may be used to endorse or promote products
      derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE REGENTS AND CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

ISC license

Copyright <YEAR> <OWNER>

Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

OpenBSD license

Copyright (c) YYYY YOUR NAME HERE <user@your.dom.ain>

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.