Hackers' Pub

While writing my article, it became clear to me how much responsibility — and especially experience — is required to touch areas like UVM or NPF inside NetBSD.

I’ve learned a lot over the past weeks. But I’m also honest enough to say: I don’t yet have the depth of experience needed to modify those subsystems responsibly.

So I made a conscious decision.

I’ve created a new experimental branch for secmodel_jail / jailctl / jailmgr that is strictly additive:

- No changes to existing kernel code paths

- No UVM hooks

- No NPF integration

- No hidden coupling between subsystems

It adds new code only.

The reason is simple: even without deep UVM or NPF integration, the security model already delivers significant practical value for me. And in this reduced, explicit form, the attack surface is clear and the audit scope sharply defined.

This feels like the right first alpha candidate: understandable, bounded, and reversible.

https://github.com/MatthiasPetermann/netbsd-src/tree/feature/jails-v1-ga

#netbsd

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`