X11
OpenBSD's version of the X Window System has some security modifications. The server and some of the default applications are patched for privilege separation and other enhancements, and OpenBSD provides an "aperture" driver to limit X's access to memory. However, after recent work on X security flaws by Loïc Duflot, Theo de Raadt commented that the aperture driver was merely "the best we can do" and that X "violates all the security models you will hear of in a university class." He went on to castigate X developers for "taking their time at solving this > 10 year old problem." Recently, a VESA kernel driver has been developed, which permits X to run, albeit more slowly, without the use of the aperture driver.
Read more about this topic: Open BSD Security Features