On Wed, 25 Sep 2019 17:26:32 +0200 Hiltjo Posthuma <hil...@codemadness.org> wrote:
Dear Hiltjo, > Yes and to add to it: > Of course unveil and pledge also don't need (initial) root > permissions, which makes locking down basic programs very easy. that's what I like about them. Sure, there are good reasons not to allow chroot() for non-root-users, but one has to ask the question why it has been solved like this and not so elegantly like pledge() and unveil(). With best regards Laslo
