by brynet
4067 days ago
Privilege separation is achievable by using separate unprivileged users. If root is required, fork and drop root and then use something like OpenBSD's imsg(3) API to properly pass resources between the privileged parent and unprivileged child processes. If you want to go a step further and sandbox, use setrlimit(2)/chroot(2). And if it's appropriate, use technologies like systrace(4) or Linux seccomp(2). There are many examples of this in OpenBSD's base system, including some most people don't know about, like tcpdump(8).
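The fork / drop-root / pass-the-descriptor pattern the comment describes, as an added example that is not the commenter's code or OpenBSD's: a privileged parent opens a file and hands only the open descriptor to a child that has already chrooted into an empty jail, switched to an unprivileged user and lowered its resource limits, so the child never holds the privilege needed to open the file itself. It assumes a Unix system with socketpair(2) and SCM_RIGHTS (the raw mechanism that imsg(3) wraps when an fd is passed to imsg_compose()), a "nobody" account (with 65534 as an assumed fallback id) and a writable /tmp; the sample file, jail path and function names are constructed for this example. When run without root there is nothing to drop, so the chroot and uid change are skipped and only the rlimits are applied.

```c
/* Added example (not the commenter's or OpenBSD's code): privileged parent
 * forks, the child chroots and drops root, and the parent passes an open
 * descriptor over a socketpair with SCM_RIGHTS, the mechanism imsg(3) wraps. */
#define _GNU_SOURCE
#include <sys/socket.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Send one descriptor over a UNIX-domain socket as ancillary data. */
static int send_fd(int sock, int fd)
{
    char byte = 0, cbuf[CMSG_SPACE(sizeof(int))];
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    cm->cmsg_level = SOL_SOCKET;
    cm->cmsg_type = SCM_RIGHTS;
    cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive a descriptor; -1 on EOF (the parent gave up) or a malformed message. */
static int recv_fd(int sock)
{
    char byte, cbuf[CMSG_SPACE(sizeof(int))];
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    int fd;
    if (recvmsg(sock, &msg, 0) != 1)
        return -1;
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    if (cm == NULL || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS)
        return -1;
    memcpy(&fd, CMSG_DATA(cm), sizeof(int));
    return fd;
}

/* Confine the child. With root: chroot into an empty jail and become "nobody"
 * (65534 is assumed as the conventional fallback id). Without root there is
 * nothing to drop, so only the rlimits are applied. */
static int drop_privileges(const char *jail)
{
    if (geteuid() == 0) {
        struct passwd *pw = getpwnam("nobody");  /* before chroot: needs /etc/passwd */
        uid_t uid = pw ? pw->pw_uid : 65534;
        gid_t gid = pw ? pw->pw_gid : 65534;
        if (chroot(jail) == -1 || chdir("/") == -1) return -1;
        if (setgroups(0, NULL) == -1 || setgid(gid) == -1 || setuid(uid) == -1)
            return -1;
        if (setuid(0) != -1) return -1;          /* the drop must be irreversible */
    }
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) == -1) return -1;
    if (rl.rlim_max > 32) rl.rlim_max = 32;      /* a handful of fds is all it needs */
    rl.rlim_cur = rl.rlim_max;
    if (setrlimit(RLIMIT_NOFILE, &rl) == -1) return -1;
    rl.rlim_cur = rl.rlim_max = 0;               /* no fork(2) from inside the sandbox */
    return setrlimit(RLIMIT_NPROC, &rl);
}

/* Parent opens `path` with full privilege and passes only the descriptor to
 * the confined child, which reads it and reports the byte count back.
 * Returns that count, or -1 on any failure. */
long privsep_read_file(const char *path)
{
    char jail[] = "/tmp/privsep-jail.XXXXXX";    /* constructed empty chroot dir */
    int sv[2], status;
    long result = -1;
    if (mkdtemp(jail) == NULL) return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) { rmdir(jail); return -1; }
    pid_t pid = fork();
    if (pid == 0) {                              /* child: confine, then wait for the fd */
        close(sv[0]);
        if (drop_privileges(jail) == -1) _exit(1);
        int fd = recv_fd(sv[1]);
        if (fd == -1) _exit(1);
        char buf[4096];
        uint32_t total = 0;
        ssize_t n;
        while ((n = read(fd, buf, sizeof buf)) > 0) total += (uint32_t)n;
        _exit(write(sv[1], &total, sizeof total) == (ssize_t)sizeof total ? 0 : 1);
    }
    close(sv[1]);
    int fd = pid == -1 ? -1 : open(path, O_RDONLY); /* only the parent can do this */
    uint32_t total;
    if (fd != -1 && send_fd(sv[0], fd) == 0 &&
        read(sv[0], &total, sizeof total) == (ssize_t)sizeof total)
        result = total;
    if (fd != -1) close(fd);
    close(sv[0]);                                /* EOF releases a still-waiting child */
    if (pid == -1 || waitpid(pid, &status, 0) == -1 ||
        !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        result = -1;
    rmdir(jail);
    return result;
}

/* Self-contained run over a constructed 13-byte sample file. */
long privsep_demo(void)
{
    char path[] = "/tmp/privsep-sample.XXXXXX";
    const char sample[] = "hello privsep";       /* constructed input, 13 bytes */
    int fd = mkstemp(path);
    if (fd == -1 || write(fd, sample, 13) != 13) return -1;
    close(fd);
    long n = privsep_read_file(path);
    unlink(path);
    return n;
}

int main(void)
{
    printf("child read %ld bytes through the passed descriptor\n", privsep_demo());
    return 0;
}
```

The ordering inside drop_privileges matters: the passwd lookup happens before chroot(2) because the jail has no /etc/passwd, the uid change happens before the RLIMIT_NPROC cut because on Linux a uid switch that would exceed the target user's process limit fails with EAGAIN, and the final setuid(0) is there to prove the drop cannot be undone. The parent closing its socket end on any failure is what keeps a child that is still blocked in recv_fd() from hanging.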