FreeBSD Development Model
Unlike Windows, FreeBSD is not a commercial venture. FreeBSD is developed by a team of individuals who build the OS as a system. The FreeBSD kernel is released with a complete set of system utilities, drivers, and configuration files that represent a formal release. For instance, FreeBSD 5.2 was released with the kernel, a fully functional firewall, network drivers, administration utilities, and core userland tools. Other userland applications are supplied by third-party developers (for instance, Mozilla from the Mozilla Foundation or Osiris from Brian Wotring), but these programs are packaged by FreeBSD for inclusion in the operating system. During the packing process, the programs are tested by the FreeBSD team to make sure that they work properly with the operating system—but not necessarily for security issues.
Because FreeBSD is more than just a kernel, security functionality can be architected throughout the kernel and core system utilities as the operating system is developed. For instance, the FreeBSD kernel has a concept of secure levels. Different secure levels have differing restrictions. For instance, at secure level 2, file systems can't be mounted and time cannot be adjusted more than a second at a time. Not only does the kernel understand the secure levels, but core system utilities modify and help enforce the secure levels. This is possible because FreeBSD is developed as an end-to-end system (see Figure 2).
Figure 2 The FreeBSD Project controls the development of the kernel and the core systems utilities.
This release process is controlled by a release engineering team that determines which features will be included in what version of the OS and when the next FreeBSD is ready for release. The release engineering team has a release schedule that outlines the next several FreeBSD releases, as well as determining when old releases will reach their end of life (EOL). The EOL date is important to operations because it's the last date on which the FreeBSD will release patches for that version of the operating system. If you want to stay current (and secure), you have to update by the time the EOL hits for your operating systems.