Re: systrace + selinux + fedora core 4ish?

Tuesday, 18 January 2005

On Mon, 2005-01-17 at 22:03, Justin Conover wrote:
...
 http://www.systrace.org/

 http://www.citi.umich.edu/u/provos/systrace/linux.html

 Anybody, seen/use systrace on FC?  What are your thoughts about
 using/adding it to FC?

 >From reading a bit about it, looks to be a very good/useful tool and
 was wondering what others thought about it? 
Providing security via system call interception and making security
decisions based on pathnames considered harmful to security; see the
Flask paper available from
http://www.nsa.gov/selinux/papers/flask-abs.cfm.  Sadly, the systrace
site acknowledges the Flask paper, but misses the point entirely...

-- 
Stephen Smalley <sds(a)epoch.ncsc.mil&gt;
National Security Agency

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: systrace + selinux + fedora core 4ish?