From b167b6aa86b9b621b407439c76fdaf363662a265 Mon Sep 17 00:00:00 2001
From: Dante Catalfamo
Date: Sun, 28 Jun 2020 18:56:45 -0400
Subject: More detail on isolation comment

---
 content/posts/how-bsd-authentication-works/index.org | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/content/posts/how-bsd-authentication-works/index.org b/content/posts/how-bsd-authentication-works/index.org
index 616c596..f79841b 100644
--- a/content/posts/how-bsd-authentication-works/index.org
+++ b/content/posts/how-bsd-authentication-works/index.org
@@ -26,8 +26,9 @@ later donated the system. It was adopted by OpenBSD in release
 2.9. BSD Auth is comparatively much simpler than PAM. Modules or,
 authentication "styles", are instead stand alone applications or
 scripts that communicate over IPC (=PF_LOCAL, SOCK_STREAM=, more
-specifically). The program or script can then very easily isolate
-itself using something like =pledge(3)= or =unveil(3)=.
+specifically). The program or script has no ability to interfere with
+the parent and can very easily isolate itself using =pledge(3)= or
+=unveil(3)=.
 
 
 This one is pretty difficult, since there seems to be very little
-- 
cgit v1.2.3