Rafael implemented fork+exec for httpd, to improve the isolation and address space randomization of its processes.https://twitter.com/openbsd_src/status/771293330491584513 …
-
-
Replying to @reykfloeter @canadianbryan
This. fork+keep_running is a serious security problem, resource hog, and source of subtle bugs.
1 reply 0 retweets 1 like -
Replying to @RichFelker @reykfloeter
This will be the 5th OpenBSD daemon now converted to using the fork+exec model, after bgpd/ldpd/eigrpd and smtpd.
1 reply 0 retweets 0 likes -
Apparently now that httpd has been converted, a whole slew of other daemons using common code will follow.
1 reply 0 retweets 0 likes -
Replying to @canadianbryan @reykfloeter
Excellent. I'm waiting for it to happen to sshd.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @reykfloeter
I'm pretty sure sshd has already done that for a long time now.
1 reply 0 retweets 0 likes -
"Jun...2004 (12 years, 2 months ago) by djm re-exec sshd on accept(); initial work, final debugging and ok markus@"
1 reply 0 retweets 0 likes
Oh nice. Maybe it wouldn't be too hard to improve it to use posix_spawn & be nommu compatible...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.