===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/59.html,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- www/59.html 2016/03/06 08:43:00 1.58
+++ www/59.html 2016/03/06 10:50:10 1.59
@@ -149,12 +149,13 @@
pledge(2)
support integrated:
- - tame(2) system call renamed to pledge(2).
-
- Many behaviours/semantics extended and refined.
-
- 453 out of 707 base system binaries adapted to use pledge.
-
- 14 ports adapted to use pledge (some decompression tools, mutt,
- some pdf tools, chromium/iridium, and the i3 window manager).
-
- Several bugs exposed by pledge(2) have been corrected, for example in
+
- The tame(2) system call was renamed to pledge(2).
+ Behavior and semantics were extended and refined.
+
- 453 out of 707 base system binaries were adapted to use pledge.
+
- 14 ports now use pledge(2): some decompression tools, mutt,
+ some pdf tools, chromium/iridium, and the i3 window manager.
+
- Various bugs exposed by pledge(2) were corrected.
+ For example in
bgpd(8),
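Review bot: The added line "For example in" is left as a sentence fragment now that "Various bugs exposed by pledge(2) were corrected." ends with a full stop. Either keep the clause attached ("were corrected, for example in bgpd(8), ...") or write "For example, in". In the same list, the 453-binaries item still says "adapted to use pledge" while the ports item was changed to "now use pledge(2)", so pick one form for the whole list. The rename item also switches "behaviours" to "Behavior", which is worth checking against the spelling used elsewhere on the page.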
@@ -165,34 +166,47 @@
ntpd(8),
and
syslogd(8).
-
- Several misguided "features" have been removed, such as
-
- support for HOSTALIASES from the resolver,
-
- support for "lookup yp" in /etc/resolv.conf,
-
- setuid-preserving code in binutils tools or
-
- ed-style diffs via proc/exec in patch(1).
-
- A somewhat intensive audit of userland program so that they could be
- properly annotated with pledge(2) was done, resulting in some design
- changes such as in
+
- Several misfeatures were removed, such as:
+
+
- Userland programs were audited so that they could be properly annotated
+ with pledge(2).
+ This resulted in design changes such as in
rdate(1),
sndiod(8)
- or the introduction of SOCK_DNS
+ or the introduction of the SOCK_DNS
socket(2)
flag that makes an SS_DNS tagged socket conceptually different
from a plain socket.
-
- It also has been used to constrain programs to a more limited POSIX
- subset, such as some
+
- pledge(2) is also used to constrain programs that handle untrusted data
+ to a very limited subset of POSIX.
+ For example,
+ strings(1)
+ or
+ objdump(1)
+ from the
binutils
- tools that handle untrusted data
- (strings(1),
- objdump(1), ...),
or the RSA-privsep process in
smtpd(1).
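Review bot: After the added "Several misfeatures were removed, such as:" no added lines restore the four items this hunk deletes (HOSTALIASES support in the resolver, "lookup yp" in /etc/resolv.conf, setuid-preserving code in binutils tools, ed-style diffs via proc/exec in patch(1)). As shown, the sentence ends at the colon with nothing after it, so please confirm the sub-list is still present in revision 1.59; those removals are the attack-surface reductions readers will look for. Since the closing sentence is being reworded anyway, the unchanged "smtpd(1)" reference could also be corrected: smtpd is documented in section 8.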