1. 10
  1. 5

    While the paper is ~7 years old (I think), the designs are still applicable and the tools have improved on all platforms (e.g. on OpenBSD there’s pledge(2) now and no longer systrace(1)).

    It would be interesting to see a historical review of how privsep has become more wide-spread both server-side and client/user-agent side.

    1. 2

      needs (2015) in the title