On Thu, Mar 23, 2006 at 10:14:12AM -0300, Joco Salvatti wrote:
> Hi all,
>
> I've tried to find any definition on the Internet before but I really
> couldn't find a paper or anything that could clear up my doubts. If
> anyone here could help me I'd be very thankful. The questions are the
> following:
>
> 1. What is privilege separation?
> 2. What is privilege revocation?
> 3. What is ProPolice?
>
> Thanks.
See Wikipedia's OpenBSD entry and the ProPolice page linked from there.
Basically, the first two involve running with less priviliges than the
process was started with, and the last one protects from certain buffer
overflows, which is a common exploitable bug in C programs.
Nothing Google couldn't answer. Please search first; if you genuinely
want to know something that cannot be found elsewhere, please ask again.
Joachim
