<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
  <channel>
    <title>undeadly honk</title>
    <link>https://honk.any-key.press/u/undeadly</link>
    <description>undeadly honk rss</description>
    <image>
      <url>https://honk.any-key.press/icon.png</url>
      <title>undeadly honk rss</title>
      <link>https://honk.any-key.press/u/undeadly</link>
    </image>
    <item>
      <title>undeadly honked https://honk.any-key.press/u/undeadly/h/NBzK6x2KM8C7YMcRQQ</title>
      <description><![CDATA[<p><a href="https://undeadly.org/cgi?action=article;sid=20260708055608" rel=noreferrer>OpenBSD's pledge(2) and unveil(2) are developer-friendly, study finds</a></p>
Academic studies of
<a href="https://www.openbsd.org/" rel=noreferrer>OpenBSD</a>
's features and their practical impact on security are somewhat rare, but we were pleasantly surprised to see the recent paper
<em><a href="https://arxiv.org/abs/2607.03056" rel=noreferrer>A Measurement Study on the Adoption of Pledges and Unveils in the OpenBSD Operating System</a></em>
, by Jukka Ruohonen, Krzysztof Sierszecki, Abhishek Tiwari (all at
<em><a href="https://www.sdu.dk/en/" rel=noreferrer>University of Southern Denmark</a></em>
).
<p>
The paper studies the adoption of the <code><a href="https://man.openbsd.org/pledge" rel=noreferrer>pledge(2)</a></code> and <code><a href="https://man.openbsd.org/unveil" rel=noreferrer>unveil(2)</a></code> in the OpenBSD base system and packages over time, and finds that the features provided actually seem to facilitate adoption of secure coding practices. 
</p>
<p>
The paper's abstracts concludes, 
</p>
<p>
</p>
<blockquote><em>All in all, the measurement results indicate that the adoption of system call minimization and sandboxing techniques is not necessarily as troublesome as has often been discussed in the literature.</em></blockquote>
<p>
The full text of the paper is available too, as <a href="https://arxiv.org/pdf/2607.03056" rel=noreferrer>PDF</a>, <a href="https://arxiv.org/html/2607.03056v1" rel=noreferrer>HTML</a>, or <a href="https://arxiv.org/src/2607.03056" rel=noreferrer>TeX source</a></p>
<p></p>
<p></p>
<p></p>
]]></description>
      <link>https://honk.any-key.press/u/undeadly/h/NBzK6x2KM8C7YMcRQQ</link>
      <pubDate>Wed, 08 Jul 2026 06:00:05 +0000</pubDate>
      <guid isPermaLink="true">https://honk.any-key.press/u/undeadly/h/NBzK6x2KM8C7YMcRQQ</guid>
    </item>
    <item>
      <title>undeadly honked https://honk.any-key.press/u/undeadly/h/84GM38dK6W4N2TVCd7</title>
      <description><![CDATA[<p><a href="https://undeadly.org/cgi?action=article;sid=20260706190144" rel=noreferrer>OpenSSH 10.4/10.4p1 released!</a></p>
The
<a href="https://www.openssh.com" rel=noreferrer>OpenSSH</a>
project has released OpenSSH 10.4.
<br>
<br>
<br>
From the <a href="https://www.openssh.org/releasenotes.html#10.4" rel=noreferrer>Release Notes</a>:<br>
<br><br>

<br><p><a href="https://undeadly.org/cgi?action=article;sid=20260706190144" rel=noreferrer>Read more…</a></p>
<br>]]></description>
      <link>https://honk.any-key.press/u/undeadly/h/84GM38dK6W4N2TVCd7</link>
      <pubDate>Mon, 06 Jul 2026 20:00:05 +0000</pubDate>
      <guid isPermaLink="true">https://honk.any-key.press/u/undeadly/h/84GM38dK6W4N2TVCd7</guid>
    </item>
  </channel>
</rss>
