I would like to see a comparison of capsicum and pledge/unveil. Is capsicum much more difficult to use? Is it inherently less secure?
It's very difficult to reason about; for instance, compare the OpenSSH sshd sandbox implementations.
https://github.com/openssh/openssh-portable/blob/master/sshd...
https://github.com/openssh/openssh-portable/blob/master/sand...
https://github.com/openssh/openssh-portable/blob/master/sand...
https://github.com/openssh/openssh-portable/blob/master/sand...
w/ Capsicum, beyond faffing around with some file descriptors, it's unclear what security cap_enter() adds:
https://github.com/openssh/openssh-portable/blob/master/sand...