===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/64.html,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- www/64.html 2018/10/01 20:16:14 1.19
+++ www/64.html 2018/10/01 20:27:57 1.20
@@ -131,6 +131,11 @@
Security improvements:
+ - New unveil(2)
+ system call to restrict file system access of the calling
+ process to the specified files and directories. It is most
+ powerful when properly combined with privilege separation
+ and pledge(2).
- New "retguard" security mechanism on amd64 and arm64:
use per-function random cookies to protect access to function
return instructions, making them harder to use in ROP gadgets.