BSD is similar to Linux in that it is open source and UNIX-like. However, some of its differences make it very attractive for use within secure environments. Unlike Linux, which separates kernel development from the userland provided by distributions, each BSD project provides a wholly integrated operating system controlled by a release engineering team of developers. Each project oversees its own collection of third-party applications and monitors the nightly builds of both the operating system and the software collection. This tight integration makes it easier to find and fix software incompatibilities, meaning upgrades are less likely to break a dependency or negatively impact a production system. Testing and issuing patches for security vulnerabilities is also easier.

The source code for each BSD operating system is covered by the permissive BSD license, which freely allows modifications and distribution for both open-source and commercial development projects. This is an advantage in secure environments where it may not be desirable to expose code modifications publicly; for this reason, BSD is found in many security appliances.

Although BSD code can be found in literally hundreds of operating systems and products, the three main BSD projects are

• NetBSD, founded in March 1993 (http://www.netbsd.org)

• FreeBSD, founded in June 1993 (http://www.freebsd.org)

• OpenBSD, founded in October 1995 (http://www.openbsd.org)

The past few years have also seen the emergence of Dragonfly BSD (http://www .dragonflybsd.org), a fork of FreeBSD; and two FreeBSD-based projects that concentrate on desktop usage, DesktopBSD (http://www.desktopbsd.org) and PC-BSD (http://www.pcbsd.org).

This chapter will concentrate on the FreeBSD, OpenBSD, and NetBSD projects.

As seen in the example in Figure C-1, each of the BSD projects provides a cvs web interface, making it easy to browse and retrieve code. Each code base goes back to day 1

