Sorry, but posix_spawn* is not up to snuff, and probably will never be. The paper here even hints at it, "And the space between fork and exec serves a useful purpose .."
-
-
-
As I've said before, if the choice is between privsep software, designed using fork as first step (adding exec later). And the giant monoliths we see outside of the OpenBSD tree, I'd take the former. The security benefits are enormous.
End of conversation
New conversation -
-
-
And yet I am fairly sure it enables the most secure priviledge separated software on
#OpenBSD -
Evidence suggests microkernels aren't a great idea anyway.
#OpenBSDs monolithic kernel is only ~2 megabytes with only the required drivers with all the security in tact!
End of conversation
New conversation -
-
-
While the work has many valid points, it doesn't offer any alternative suggestions about how to implement Chrome's and Android's zygote process that is used to speedup startup of Java applications or browser tab processes.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.