===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- www/innovations.html	2016/01/08 13:06:28	1.26
+++ www/innovations.html	2016/01/16 22:10:12	1.27
@@ -311,7 +311,44 @@
   First implemented by
   <a href="http://www.citi.umich.edu/u/provos/ssh/privsep.html">Niels Provos</a>
   and Markus Friedl in OpenSSH in March 2002, released with OpenBSD 3.2.
-  The concept is now used in many programs.
+  The concept is now used in many OpenBSD programs, for example
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhcpd.8">dhcpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dvmrpd.8">dvmrpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/eigrpd.8">eigrpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/iked.8">iked(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldapd.8">ldapd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldpd.8">ldpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/mountd.8">mountd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/npppd.8">npppd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospfd.8">ospfd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospf6d.8">ospf6d(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/pflogd.8">pflogd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/radiusd.8">radiusd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ripd.8">ripd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/script.1">script(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/syslogd.8">syslogd(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tcpdump.8">tcpdump(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/xconsole.1">xconsole(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/xdm.1">xdm(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/Xserver.1">Xserver(1)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ypldap.8">ypldap(8)</a>,
+  etc.
+<li>Privilege revocation:
+  Related to the work on privilege separation, some programs were refactored
+  to drop privileges while holding onto a tricky resource such as a raw socket,
+  reserved port, or modification-locked bpf(4) descriptor,
+  for example
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ping.8">ping(8)</a>,
+  <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/traceroute.8">traceroute(8)</a>,
+  etc.
 <li>Stack protector:  Developed since 2001 as "propolice" by Hiroaki Etoh.
   Integrated, and implemented for additional hardware platforms,
   by Miod Vallat and Theo de Raadt.  OpenBSD 3.3 was the first operating
