Re: [hackers] [ii][patch] add support for OpenBSD unveil(2)

From: Laslo Hunhold <dev_AT_frign.de>
Date: Wed, 12 Sep 2018 10:19:32 +0200

On Wed, 12 Sep 2018 09:36:29 +0200
Hiltjo Posthuma <hiltjo_AT_codemadness.org> wrote:

Dear Hiltjo,

> I think you have a good point. Maybe we should revert the pledge(2)
> changes and put them on the wiki. The patches could be maintained
> separately and added to the OS ports.
>
> What is the community opinion about this?

I would quote Theo de Raadt on this[0]. Optional security is
irrelevant.

Adding ifdefs of course is a tough decision in any case, though I
always think that suckless tools should be really more tuned towards
OpenBSD as it really is probably the most suckless operating system
around.

If we turn this into patches it just means more work in maintenance
and, as quoted above, optional security is often forgotten. Also, this
change is relatively simple and we don't have an ifdef-tree or anything.

I would strongly favor keeping this in upstream, but also understand
the opposing arguments. It's a tough call, but the maintainer as always
has the last word.

With best regards

Laslo

[0]:https://www.openbsd.org/papers/hackfest2015-pledge/mgp00005.html

-- 
Laslo Hunhold <dev_AT_frign.de>
Received on Wed Sep 12 2018 - 10:19:32 CEST

This archive was generated by hypermail 2.3.0 : Wed Sep 12 2018 - 10:24:23 CEST