Other Features
Privilege separation, privilege revocation, chrooting and randomized loading of libraries also play a role in increasing the security of the system. Many of these have been applied to the OpenBSD versions of common programs such as tcpdump and Apache, and to the BSD Authentication system. OpenBSD also supports sandboxing of untrusted applications using the Systrace facility, a framework allowing interposition of system calls for fine-grained restriction of processes. Systrace supports interactive generation of policies, and other features designed to allow privilege elevation.
Read more about this topic: Open BSD Security Features
Famous quotes containing the word features:
““It looks as if
Some pallid thing had squashed its features flat
And its eyes shut with overeagerness
To see what people found so interesting
In one another, and had gone to sleep
Of its own stupid lack of understanding,
Or broken its white neck of mushroom stuff
Short off, and died against the windowpane.””
—Robert Frost (1874–1963)
“However much we may differ in the choice of the measures which should guide the administration of the government, there can be but little doubt in the minds of those who are really friendly to the republican features of our system that one of its most important securities consists in the separation of the legislative and executive powers at the same time that each is acknowledged to be supreme, in the will of the people constitutionally expressed.”
—Andrew Jackson (1767–1845)