On Sat, 24 Sep 2016, stephen Turner <stephen.n.tur...@gmail.com> wrote: > What do you recommend for best knowledge of unsharing resources?
Start here: OpenBSD: pledge(2), imsg_init(3) Linux: unshare(2), prctl(2) This is just some basic pointers to get you started. Nothing will ever replace good architecture and careful design. See e.g. how OpenSMTPD uses a "fork+reexec" technique to allow privsep'd subprocesses to each have their own randomized address space: https://www.poolp.org/tech/posts/2016/09/12/opensmtpd-6-0-0-released/ <3,K.