OpenBSD's pledge(2) and unveil(2) are developer-friendly, study finds
The paper studies the adoption of the
The paper's abstracts concludes,
The full text of the paper is available too, as PDF, HTML, or TeX source
pledge(2) and unveil(2) in the OpenBSD base system and packages over time, and finds that the features provided actually seem to facilitate adoption of secure coding practices.
All in all, the measurement results indicate that the adoption of system call minimization and sandboxing techniques is not necessarily as troublesome as has often been discussed in the literature.
undeadly rss