498: Dropping Privileges

OpenZFS auditing for storage Performance, Privilege drop; privilege separation; and restricted-service operating mode in OpenBSD, OPNsense 23.1.1 release, Cloning a System with Ansible, FOSDEM 2023, BSDCan 2023 Travel Grants
NOTES
This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow)
Headlines
OpenZFS auditing for storage Performance (https://klarasystems.com/articles/openzfs-auditing-for-storage-performance/)
Privilege drop, privilege separation, and restricted-service operating mode in OpenBSD (https://sha256.net/privsep.html)
News Roundup
OPNsense 23.1.1 released (https://forum.opnsense.org/index.php?topic=32484.0)
Cloning a System with Ansible (https://kernelpanic.life/software/cloning-a-system-with-ansible.html)
FOSDEM 2023 (http://blog.netbsd.org/tnf/entry/fosdem_2023)
BSDCan 2023 Travel Grant Application Now Open (https://freebsdfoundation.org/blog/bsdcan-2023-travel-grant-application-now-open/)
The Undeadly Bits
Game of Trees milestone (http://undeadly.org/cgi?action=article;sid=20230120073530)
Game of Trees Daemon - video and slides (May make the older game of trees obsolete) (http://undeadly.org/cgi?action=article;sid=20230210065830)
amd64 execute-only committed to -current (http://undeadly.org/cgi?action=article;sid=20230121125423)
Using /bin/eject with USB flash drives (http://undeadly.org/cgi?action=article;sid=20230214061952)
Tunneling vxlan(4) over WireGuard wg(4) (http://undeadly.org/cgi?action=article;sid=20230214061330)
Console screendumps (http://undeadly.org/cgi?action=article;sid=20230128183032)
Execute-only status report (http://undeadly.org/cgi?action=article;sid=20230130061324)
OpenBSD in Canada (http://undeadly.org/cgi?action=article;sid=20230226065006)
Privilege drop, privilege separation, and restricted-service operating mode in OpenBSD (http://undeadly.org/cgi?action=article;sid=20230219234206)
Theo de Raadt on pinsyscall(2) (http://undeadly.org/cgi?action=article;sid=20230222064027)
Tarsnap
This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.
Feedback/Questions
Kevin - PLUG (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/498/feedback/Kevin%20-%20PLUG.md)
Luna - FOSDEM (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/498/feedback/Luna%20-%20FOSDEM.md)
***
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] (mailto:[email protected])
***

OpenZFS auditing for storage Performance, Privilege drop; privilege separation; and restricted-service operating mode in OpenBSD, OPNsense 23.1.1 release, Cloning a System with Ansible, FOSDEM 2023, BSDCan 2023 Travel Grants

NOTES

This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

OpenZFS auditing for storage Performance

Privilege drop, privilege separation, and restricted-service operating mode in OpenBSD

News Roundup

OPNsense 23.1.1 released

Cloning a System with Ansible

FOSDEM 2023

BSDCan 2023 Travel Grant Application Now Open

The Undeadly Bits

Game of Trees milestone

Game of Trees Daemon - video and slides (May make the older game of trees obsolete)

amd64 execute-only committed to -current

Using /bin/eject with USB flash drives

Tunneling vxlan(4) over WireGuard wg(4)

Console screendumps

Execute-only status report

OpenBSD in Canada

Privilege drop, privilege separation, and restricted-service operating mode in OpenBSD

Theo de Raadt on pinsyscall(2)

Tarsnap

This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

Kevin - PLUG
Luna - FOSDEM
***

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]
***