On Sat, 24 Sep 2016, stephen Turner <stephen.n.turner_AT_gmail.com> wrote:
> What do you recommend for best knowledge of unsharing resources?
Start here:
OpenBSD: pledge(2), imsg_init(3)
Linux: unshare(2), prctl(2)
This is just some basic pointers to get you started. Nothing will ever
replace good architecture and careful design. See e.g. how OpenSMTPD
uses a "fork+reexec" technique to allow privsep'd subprocesses to each
have their own randomized address space:
https://www.poolp.org/tech/posts/2016/09/12/opensmtpd-6-0-0-released/
<3,K.
Received on Sat Sep 24 2016 - 16:44:19 CEST