undefined | Better HN

0 pointsnickysielicki2y ago0 comments

The issue is not that there’s no way to do this, it’s that there’s no portable way to do this.

A seccomp bpf implementation of https://man.openbsd.org/pledge.2 could go a long way.

0 comments

That would be a good start, because it would allow one to "hollow out the attack surface" - a great concept I've encountered in the erights community. Primitives that allow one to gradually secure a system in the future when the need arises.

Though unfortunately it doesn't provide the level of expressivity and flexibility that a full capability security architecture would.

The world has a great deal to learn from the likes of KeyKOS, seL4 and Genode, i don't see any of these issues going away without their adoption (or at least their ideas, in other systems).

chucky_z2y ago

like https://github.com/jart/pledge?

i'm using this all over our production environment and it's very nice.

j / k navigate · click thread line to collapse