top | item 46446791

(no title)

msmitty | 2 months ago

That’s a fair take, yes. Ilja said that the entire subsystem for Linux on FreeBSD is also jail aware, but he didn’t even begin to look into that.

His process is briefly touched on in the talk. If I understood correctly he compiled a list of the most common jail privilege flags that exist and then searched the FreeBSD source code for those, investigating the code in those places. No automated tooling was used, this was just done by reading the source code. Which Ilja has been doing as “light bed time reading” :p for as long as I’ve known him (25+ years).

discuss

polyduekes|1 month ago

how does someone gets so good to be able to find so many issues by just reading the code? practise isnt all it takes i assume