OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
Kristaps Dzonsons on pledge(2)
Contributed by rueda on Sat Nov 26 03:28:17 2016 (GMT)
from the the joy of pledge(2) dept.

Kristaps Dzonsons, of mandoc and acme-client (and more) fame, has written a detailed article entitled "why pledge(2) …or, how I learned to love web application sandboxing".

The tl;dr section starts:

For practical web applications, pledge(2) presents the best compromise of development simplicity and security coverage. This alone gives BCHS applications even more of a boost beyond the many other advantages of programming on OpenBSD.

The article discusses the advantages of pledge(2) over other sandboxing systems.


<< OpenBSD Foundation Welcomes First Iridium Donor: Smartisan | Reply | Flattened | Expanded | LibreSSL documentation status report >>

Threshold: Help

Related Links
more by rueda

  Re: Kristaps Dzonsons on pledge(2) (mod 2/112)
by bmarshall ( on Sun Nov 27 16:35:21 2016 (GMT)
  Hacker News discussion:
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: Kristaps Dzonsons on pledge(2) (mod -3/79)
by affordable booklet printing canada ( ( on Wed Mar 22 03:01:17 2017 (GMT)
  I was just browsing through the internet looking for some information and came across your blog. I am impressed by the information that you have on this blog. It shows how well you understand this subject. Bookmarked this page, will come back for more.affordable booklet printing canada
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. Some icons from used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]