Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
the8472
on July 16, 2022
|
parent
|
context
|
favorite
| on:
Show HN: Porting OpenBSD Pledge() to Linux
But that's the issue. In the example I gave we already have a broker (the root process spawning ssh shells). But we want to restrict the broker too to make it more difficult to exploit. To do that we need to pledge without inheritance.
staticassertion
on July 17, 2022
[–]
I wouldn't call sshd a broker, at least, it's not exclusively one.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
