[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

systrace enforce in 3.3 ?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: systrace enforce in 3.3 ?
From: julien Touche <julien_(_dot_)_touche_(_at_)_lycos_(_dot_)_com>
Date: Mon, 03 Feb 2003 22:13:01 +0100

Is there plan to enforce all base exec to use systrace in future releases ? (as more better security and suppress setuid/gid exec)

on 3.2, by default, nothing use sytrace (cf 'ps -ax|grep Ix') and as far as i understand systrace usage, you need to launch each exec, prefixed by systrace, so an option (or not) for rc/rc.conf will be a good deal to ensure base services use it. but it's a lot more complex for common user software ... (or is ther any way to prefix all cmd easily ?)


Regards

		Julien

Note: if i try to use systrace with no option, i get the following error each time: bash-2.05b$ systrace top systrace: execvp: /usr/X11R6/bin/xsystrace: No such file or directory Killed (my box, being headless, i have no X)

Prev by Date: Re: Strange Lag with 3.2
Next by Date: Re: Strange Lag with 3.2
Previous by thread: Re: Building a new Kernel
Next by thread: Re: cd burning
Index(es):
- Date
- Thread

Visit your host, monkey.org