This is perhaps "old" but nevertheless an interesting read: <http://cr.yp.to/qmail/qmailsec-20071101.pdf> (direct pdf)
Specifically, I don't think there is any real current programming paradigm for trivially doing his jail-based approach. That is to say, I know, say, in .NET and Java we can do restrictions based on the security policy managers, but I don't really see many people using that directly inside their own work to communicate with themselves. Anyone have any thoughts on this matter? -- Noon Silk http://dnoondt.wordpress.com/ (Noon Silk) | http://www.mirios.com.au:8081 > "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."