A naukri.com initiative
Itsfoss
1M
357
Image Credit: Itsfoss
From OpenBSD to Linux: How Pledge can Enhance Linux Security
- Pledge is a tool that restricts the system calls a program can make, enhancing security by limiting potential damage from malicious software.
- Originally supported on OpenBSD, a hack by Justine Tunney allows Pledge to be utilized on Linux systems.
- Pledge can be used to test applications within defined security parameters, preventing unwanted system calls.
- By using pledge.com, users can restrict system calls on various platforms, including Windows, Linux, Mac, FreeBSD, OpenBSD, NetBSD, and BIOS.
- To use Pledge on Linux, download pledge.com, make it executable, add it to the path, and run and test it with specific promises.
- The promises assigned to a program determine what system calls it can make, enhancing control and security.
- Porting OpenBSD pledge() to Linux allows for easy sandboxing, providing additional security measures.
- Pledge follows the Least Privilege model, preventing misuse of system resources and limiting damage from malicious applications.
- Linux users can benefit from Pledge's simplicity and granular control over processes to enhance system security.
- Bhuwan Mishra, a Fullstack developer, specializes in building and securing web applications, APIs, and CI/CD pipelines using tools like Python and Go.
Read Full Article
21 Likes
For uninterrupted reading, download the app