nymtech
sandbox nym-mixnode on OpenBSD
These patches pledge(2) and unveil(2) the nym-mixnode daemon so that it can be run with more confidence that it won't disrupt or interfere with other processes running on the same system. Roughly speaking, pledge is like Linux seccomp and unveil can be compared with Landlock.
I know this is a bit of a wild shot, but would the project be interested in incorporating patches like these?
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| nym-explorer | ❌ Failed (Inspect) | Feb 19, 2024 11:35am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Sorry for the delay, I think this could be interesting. And maybe we can place it behind #[cfg(target_os = openbsd)]?
@octol do you think we should apply this to nym-nodes? as mixnode are now deprecated?
@octol do you think we should apply this to nym-nodes? as mixnode are now deprecated?
I think it's an interesting thing yep, but I don't have a OpenBSD environment to experiment on currently