Wednesday, March 31, 2021

Re: Documentation on OpenBSD's 3-process privsep model?

On 31/03/2021 04:46, Marc Espie wrote:
> On Tue, Mar 23, 2021 at 09:41:06AM +0000, Ottavio Caruso wrote:
>> On 23/03/2021 05:53, misopolemiac wrote:
>>> I'd appreciate some pointers to documentation or minimal examples of
>>> the 3-process privilege separation model for OpenBSD's daemons.
>>> Internet searches pointed to skeleton examples at
>>> github.com/krwesterback/newd and github.com/krwesterback/newdctl, but
>>> those repos are now dead and it's unclear how authoritative they were
>>> in the first place.
>>>
>>>
>>
>> Blind leading the blind here, but I think a good starting point would be
>> recent presentations by Marc Espie, who, I believe but I might be wrong, is
>> the developer who worked the most on privsep.
>>
>> http://www.openbsd.org/events.html
>
> Definitely not at all.
>
> I haven't worked the most on privsep, by far.
>
> and the examples I've worked on are highly specific and probably
> not applicable to most of the base code.
>
>

I was wrong then. My apologies. Still, it's worth giving a look at the
events page. I have learnt a lot about OpenBSD going through all
presentations and papers, despite understanding only 0.1% of the
technical details.

--
Ottavio Caruso

No comments:

Post a Comment