logoalt Hacker News

JCattheATMtoday at 6:00 PM1 replyview on HN

Well, that's where OpenBSD falls short, it lacks facilities to really enforce defense in depth - even NetBSD has some better features in this regard.


Replies

yjftsjthsd-htoday at 7:00 PM

I don't think that's true? It runs most services as their own separate users, with pledge+unveil to limit what they can access even more. That's very much depth.