On Mon, 2005-01-17 at 22:03, Justin Conover wrote:
http://www.citi.umich.edu/u/provos/systrace/linux.html
Anybody, seen/use systrace on FC? What are your thoughts about using/adding it to FC?
From reading a bit about it, looks to be a very good/useful tool and
was wondering what others thought about it?
Providing security via system call interception and making security decisions based on pathnames considered harmful to security; see the Flask paper available from http://www.nsa.gov/selinux/papers/flask-abs.cfm. Sadly, the systrace site acknowledges the Flask paper, but misses the point entirely...