Re: [dev] pledge(2) patches

From: Martin Kühne <mysatyre_AT_gmail.com>
Date: Mon, 6 Jun 2016 13:36:14 +0200

On Mon, Jun 6, 2016 at 1:19 PM, Martin Kühne <mysatyre_AT_gmail.com> wrote:
> Can it somehow be made to keep its effect across the exec family of syscalls?
>

Having done my own research, no it can't. Also, the way it is designed
is a rather silly approach to security which is much more revealing
about today's idiotic way of writing software by including tens of
millions of SLOC of dependencies instead of doing the one thing for
the one job.
Doesn't the loader also have a say in what addresses are known to a process?

I personally find the idea of polluting our source code for this
appalling and suggest the wiki.

cheers!
mar77i
Received on Mon Jun 06 2016 - 13:36:14 CEST

This archive was generated by hypermail 2.3.0 : Mon Jun 06 2016 - 13:48:11 CEST