Source code sandboxing

Contributed by rueda on 2025-06-10 from the keep-it-clean dept.

Kristaps Dzonsons (known for mandoc(1), rpki-client(8), and much more) has written an article, Source code sandboxing, on sandboxing from the perspective of developers. It compares the facilities available under several operating systems, and requests relevant contributions.

As Undeadly readers might expect, OpenBSD's pledge(2) and unveil(2) receive favourable appraisal.

Kristaps' article refers to Sandboxing Adoption in Open Source Ecosystems, an academic article published on the subject.

[In 2016, Undeadly published Kristaps Dzonsons on pledge(2).]

Latest Articles

Fri, Jun 13
- 11:18 dhcpd(8): use UDP sockets instead of BPF (1)
Thu, Jun 12
- 12:32 clang(1)/llvm/lld(1) updated to version 19 (0)
Wed, Jun 11
- 12:22 Source code sandboxing (0)
Tue, Jun 10
- 06:50 TearFree option backported to modesetting(4) driver (0)
Mon, Jun 09
- 07:32 FFS optimizations with dirhash, as blogged by rsadowski@ (1)
Thu, Jun 05
- 16:55 Game of Trees 0.113 released (0)
- 07:09 Installing *BSD in 2025 part 2 – A critical look at OpenBSD’s installer (0)
Sun, Jun 01
- 10:42 j2k25 - OpenBSD Hackathon Japan 2025 (rsadowski@) (0)
Thu, May 29
- 08:06 Making openat(2) and friends more useful in practice (1)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]