Privilege separation is a programming technique which splits a program into distrinct units. Each unit then performs part of the task, but in a distinct security domain. Theo presents the recent development of the pledge(2) subsystem in OpenBSD which led to some surprising advances in this technique.

View the slides


About the speaker

Theo de Raadt
Theo de Raadt
Founder of OpenBSD and OpenSSH

About the conference

dotSecurity 2016
The Security Conference for Developers
Next edition: dotSecurity 2017 in Paris, France. Tickets available now!

Liked this talk? Share it!

Comments

comments powered by Disqus