On Mar 31, 2021 3:02 AM, Ottavio Caruso <[email protected]> wrote:
On 31/03/2021 04:46, Marc Espie wrote: > On Tue, Mar 23, 2021 at 09:41:06AM +0000, Ottavio Caruso wrote: >> On 23/03/2021 05:53, misopolemiac wrote: >>> I'd appreciate some pointers to documentation or minimal examples of >>> the 3-process privilege separation model for OpenBSD's daemons. >>> Internet searches pointed to skeleton examples at >>> github.com/krwesterback/newd and github.com/krwesterback/newdctl, but >>> those repos are now dead and it's unclear how authoritative they were >>> in the first place. >>> >>> >> >> Blind leading the blind here, but I think a good starting point would be >> recent presentations by Marc Espie, who, I believe but I might be wrong, is >> the developer who worked the most on privsep. >> >> http://www.openbsd.org/events.html > > Definitely not at all. > > I haven't worked the most on privsep, by far. > > and the examples I've worked on are highly specific and probably > not applicable to most of the base code. > > I was wrong then. My apologies. Still, it's worth giving a look at the events page. I have learnt a lot about OpenBSD going through all presentations and papers, despite understanding only 0.1% of the technical details. -- Ottavio Caruso I often use the source for identd as a template. It's a fairly simple daemon. So it's easy to gut it and rework it to fit your needs. Edgar
