Comment by gbrown_
4 years ago
I'm just going to dump some other links to pledge just for others that are interested. Here are some presentations on attempts at natively implementing pledge in Linux (YouTube's auto-translate does a decent job) [1][2].
The topic of a pledged process starting other processes un-pledged often comes up (and already has done in the comments here). I'd recommend checking out this section of Theo de Raadt's presentation that explains why this is [3].
As mentioned in the article, the nice thing about pledge on OpenBSD is the integration of the pledge interface with the reality of the underlying system. So, as one example, a program can pledge only dns and, say, not have filesystem access, but really under the covers it can read /etc/resolv.conf.
[1] https://www.youtube.com/watch?v=uXgxMDglxVM