Question on Theo's dotSecurity paper

Discussion:

(too old to reply)

patrick keshishian

2016-07-21 17:59:32 UTC

Hi,

Quick question about Theo de Raadt's "Presentations: dotSecurity
2016"[1]. Slide 11 says "Most violations result in process being killed",
not all violations?

Just wanted clarification here.

Thanks,
--patrick

[1] http://www.openbsd.org/papers/dot2016.pdf

Ted Unangst

2016-07-22 00:45:41 UTC

Permalink

Post by patrick keshishian
Hi,
Quick question about Theo de Raadt's "Presentations: dotSecurity
2016"[1]. Slide 11 says "Most violations result in process being killed",
not all violations?
Just wanted clarification here.

If you look at kern_pledge.c, you'll see a couple instances where EPERM is
returned instead of killing the process.

patrick keshishian

2016-07-22 07:53:54 UTC

Permalink

Post by Ted Unangst

If you look at kern_pledge.c, you'll see a couple instances where EPERM is
returned instead of killing the process.

Thank you

2 Replies
5 Views
Permalink to this page
Disable enhanced parsing

Thread Navigation

patrick keshishian 2016-07-21 17:59:32 UTC

Ted Unangst 2016-07-22 00:45:41 UTC

patrick keshishian 2016-07-22 07:53:54 UTC

about - legalese