diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-08-28 20:03:52 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-08-28 20:03:52 +0000 |
| commit | 2d01f53977fab7508200d47b547f1d34b50460d2 (patch) | |
| tree | 96d05f57614eb703afaadefe2e1b7619f195e8fc /bin/pax | |
| parent | d892054cb51088a2c066f1fc9f1e4beb0df51096 (diff) | |
At startup, unveil entire filesystem to read-only. If after privdrop, some
implausible bug existed in the socket setup (mostly dns-related and
setsockopt) it would be largely neutered. of course, a very restrictive
pledge is installed soon after that...
ok mestre brynet florian
Diffstat (limited to 'bin/pax')
0 files changed, 0 insertions, 0 deletions