Re: How BSD Authentication Works

2021-10-21 Thread Theo de Raadt
Dante Catalfamo  wrote:

> Hello friends,
> 
> I just published a blog post about the BSD Authentication framework
> and I'm very excited to share it with you!
> 
> I'm not an OpenBSD developer but I tried my best to understand the
> system and how it works. Please let me know if I got anything wrong.
> 
> https://blog.lambda.cx/posts/how-bsd-authentication-works/

I think many people don't understand what BSD auth is:

It is an additional layer of privsep.

And whenever we have code that does privsep, we have an additional
opportunity to apply pledge/unveil to that process context.



How BSD Authentication Works

2021-10-19 Thread Dante Catalfamo

Hello friends,

I just published a blog post about the BSD Authentication framework and 
I'm very excited to share it with you!


I'm not an OpenBSD developer but I tried my best to understand the 
system and how it works. Please let me know if I got anything wrong.


https://blog.lambda.cx/posts/how-bsd-authentication-works/

Best,
Dante