madaidan
madaidan
There isn't really one. You should just look at the commit history.
How is https://github.com/madaidan/linux-hardened/commit/8a8366c41fe8327b94b2d5c93024ac7d9d034cec and https://github.com/madaidan/linux-hardened/commit/b871871fe0ff6fa64dbbb1a99b4b6e3f8d88eec7?
> I think it would be more useful if the admin had a way to whitelist some paths for certain users That'd be far better done using MAC. It'd be...
It is much better than Linux but OpenBSD isn't really the best choice. It doesn't have any meaningful security model for applications and instead just focuses on low level kernel...
@esote > They introduced the pledge(2) and unveil(2) system calls specifically to secure user space. They're only used if the application specifically uses it. Compare that to a MAC system...
> which much of the OpenBSD base system does That won't help restricting a newly installed application that contains malware or the many programs that don't use them such as...