|By Thom Holwerda on 2018-10-12 17:51:19|
One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.
- OpenBSD 6.4 released - 2018-10-18
- OpenBSD on the Microsoft Surface Go - 2018-08-31
- Towards secure system graphics: Arcan and OpenBSD - 2018-04-25
- OpenBSD 6.3 released - 2018-04-02
- More related articles