DaemonNews.org has an article about general security issues for FreeBSD. "The funny thing about security is that we actually have quite a lot of it in the UNIX paradigm. We have users, groups, chroot,
secure levels, and jails. The only problem is that we don't use any of it by default. Most services are run as root - pop3, ftp,
ssh, ident, sendmail, talkd, named, ntpd, and even the ones that aren't, such as apache, barely touch the first layer of
security offered in FreeBSD: each runs as its own user and group but doesn't bother with anything else. Even when
programs such as named have security-minded options, they tend to not use them by default."
August 1, 2001