Dante Catalfamo <[email protected]> wrote: > Hello friends, > > I just published a blog post about the BSD Authentication framework > and I'm very excited to share it with you! > > I'm not an OpenBSD developer but I tried my best to understand the > system and how it works. Please let me know if I got anything wrong. > > https://blog.lambda.cx/posts/how-bsd-authentication-works/
I think many people don't understand what BSD auth is: It is an additional layer of privsep. And whenever we have code that does privsep, we have an additional opportunity to apply pledge/unveil to that process context.
