Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

OpenBSD's chflags: Achieving ISO 27001 Compliant Immutable Logs

2025-07-18
OpenBSD's chflags: Achieving ISO 27001 Compliant Immutable Logs

This article details how to leverage OpenBSD's `chflags` command with `sappnd` and `schg` flags to achieve immutable logging, fulfilling ISO 27001's log integrity requirements. While ISO 27001 doesn't explicitly demand immutability, its log protection stipulations effectively necessitate it. The author disables the `newsyslog` cron job, creates a log archive directory, and uses `chflags` to set append-only and immutable flags on log files, ensuring log integrity even if root access is compromised. A `/etc/rc.securelevel` script automates log rotation and flag management during boot, providing a robust and automated logging solution.

Read more
(rsadowski.de)
Development Log Security

OpenBSD Disk I/O Performance: More Threads Aren't Always Better

2025-06-08
OpenBSD Disk I/O Performance: More Threads Aren't Always Better

This post benchmarks the random read/write and latency performance of a 1TB Crucial P3 Plus SSD on OpenBSD 7.7 using fio(1). Results show good I/O scalability in OpenBSD, but increasing job counts beyond an optimal point (6-8 concurrent jobs) degrades performance due to contention and CPU overhead. Compared to Linux, OpenBSD shows more sensitivity to concurrency in NVMe writes. The test also reveals that excessive threads significantly impact desktop responsiveness. Future tests will extend to USB storage.

Read more
(rsadowski.de)
Development I/O performance