[nycbug-talk] BSD Chapter in HLE
Ray Lai
nycbug at cyth.net
Sun Sep 17 02:53:01 EDT 2006
On Fri, Sep 15, 2006 at 06:24:28PM -0400, Dru wrote:
> On Fri, 15 Sep 2006, Ray Lai wrote:
> >>What about OpenBSD propolice?
> >
> >It would be nice to describe some of these security enhancements in
> >depth (more in depth than Theo's slides, less in depth than the author's
> >web pages).
>
> Anyone aware of a succint, easy to read paragraph or two or have the time
> to contribute one for propolice?
Here's a good explanation by Marc Espie, who probably knows more about
ProPolice and W^X than me: http://www.onlamp.com/lpt/a/4676
One thing Marc briefly mentions in the interview is that there has been
substantial suid and sgid removal. If removal was not possible, suid
programs were changed to sgid (xterm is now sgid instead of suid).
-Ray-
More information about the talk
mailing list