yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-28 14:15:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
yggdrasil-go/cmd
History
Klemens Nanni b16a3b0d43 Use unveil(2) on OpenBSD 
After #1175 removed ioctl(2) fallback code shelling out to ifconfig(8),
there is no code left (compiled on OpenBSD) that would fork(2) or execve(2).

Drop the ability to run any executable file to double down on this, thus
reducing the attack surface of this this experimental, internet facing
daemon running as root.

pledge(2) is doable, but needs more polish.
unveil(2), however, is as simple as it gets.

On other systems, this code is a NOOP, but can still help to implement
similar safety belts.
2024-11-03 03:07:54 +03:00
..
genkeys Add output for threadcount and key generation time to cmd/genkey 2023-10-21 18:21:47 +01:00
yggdrasil Use unveil(2) on OpenBSD 2024-11-03 03:07:54 +03:00
yggdrasilctl zap obsolete nonexistent command from usage (#1184) 2024-10-17 13:22:22 +01:00