> On 27 Sep 2017, at 16:44, Theo de Raadt <deraadt@openbsd.org> wrote:
>
> you really shouldn't be promising that to anyone. it might not happen,
> their design might not allow it.
>
> pledge in giant programs is very rare. chrome got LUCKY, and there is
> no evidence that firefox will also.
There was also another interesting presentation by Landry Breuil
about "7 years of maintaining firefox "
with "- sandboxing w/ `pledge()` ?"
https://www.openbsd.org/papers/eurobsdcon2017_seven_years_of_maintaining_firefox.md
but not sure if recordings will be available.
No comments:
Post a Comment