Hey y'all, Sorry if this has been answered before but I couldn't find a satisfactory answer searching for it, and this is more of an academic question. So security focused Linux distros like Qubes go to extremes to compartmentalize/isolate any and all programs it can. FreeBSD has it's jail program which is seemingly the gold standard for process isolation when you can't be bothered to go to the extent Qubes does. I've been trying to read as much OpenBSD source as I can as I find some of the security tricks y'all've come up with damn interesting. I know that once upon a time we had sysjail, but nowadays we have just have chroot which most systems do. What is OpenBSD's solution to this? I'm sure I've read through it I just didn't realize the purpose.
I apologize if this was a question I've somehow missed the answer to!
