On Mon, 2005-01-17 at 22:03, Justin Conover wrote:
http://www.systrace.org/
http://www.citi.umich.edu/u/provos/systrace/linux.html
Anybody, seen/use systrace on FC? What are your thoughts about
using/adding it to FC?
>From reading a bit about it, looks to be a very good/useful tool and
was wondering what others thought about it?
Providing security via system call interception and making security
decisions based on pathnames considered harmful to security; see the
Flask paper available from
http://www.nsa.gov/selinux/papers/flask-abs.cfm. Sadly, the systrace
site acknowledges the Flask paper, but misses the point entirely...
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency