by sdkmvx 3715 days ago
OS X's libsandbox is much closer to SELinux. It's MAC-based (mandatory access control, not Macintosh) and is actually TrustedBSD under the covers. Pledge simply disallows access to syscalls and paths outside a list. It's not very fine-grained. It also resets on exec, so it can't be used as a sandbox or container.

The entire point of pledge is self-sandboxing, in the case of an exec promise the expectation is the new process will also self-sandbox.

If you think of a shell as an example, it will need to exec programs that do privileged things before they can drop them, but the parent shell itself may never need to, say, create sockets.

Unless it's Bash, with its /dev/tcp interface.
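The launcher pattern the reply describes, as an added example that is not from either commenter: the parent pledges itself down to "stdio proc exec" (no sockets), forks and execs a helper, and because promises do not carry across the exec, the program that gets run is expected to pledge on its own. pledge(2) exists only on OpenBSD; the stub under `#ifndef __OpenBSD__` is an assumption added so the structure compiles and runs elsewhere as a no-op.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>
#include <err.h>

#ifndef __OpenBSD__
/* Stub for non-OpenBSD hosts: pledge(2) is OpenBSD-only. It enforces
 * nothing here; it only mirrors the real call's shape and success path. */
static int pledge(const char *promises, const char *execpromises) {
    (void)execpromises;
    return promises ? 0 : -1;
}
#endif

/* Parent side: the smallest promise set a launcher needs.
 * "proc" allows fork/wait, "exec" allows execve. No "inet"/"unix",
 * so the launcher itself can never create a socket. */
int restrict_launcher(void) {
    if (pledge("stdio proc exec", NULL) == -1) {
        warn("pledge");
        return -1;
    }
    return 0;
}

/* Run argv[0] in a child. The new image starts with none of the parent's
 * promises (they reset on exec), so the helper must pledge itself.
 * Returns the child's exit status, 127 if exec failed, -1 on error. */
int run_child(char *const argv[]) {
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0) {
        execv(argv[0], argv);
        _exit(127);              /* only reached if exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    if (restrict_launcher() == -1)
        return 1;
    char *const argv[] = { "/bin/ls", "-d", "/", NULL };
    return run_child(argv);
}
```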