[Midnightbsd-kernel] systrace, still under development?
Thorsten Glaser
tg at mirbsd.de
Sun Oct 26 01:22:00 EDT 2008
Niels Provos dixit:
>Hi Thorsten,
>
>my apologies for not getting back to you earlier; I am only slowly
>getting back to my email.
Don’t worry, better late than never ☺
> I still develop Systrace at
>
> http://code.google.com/p/systrace/
Ah, good to know. I’ll have a look at it later.
>However, work tends to keep me fairly busy, and I can only devote a
>small amount of time to my open source projects.
Same here…
>For Linux, I developed a ptrace backend that is not very secure, but
>is sufficient for sandboxing untrusted applications such as Firefox
>running over Tor. Ideally, there would be a kernel interface in Linux
>that has the capabilities required by Systrace, but I am not aware of
>such a thing.
While I thought of an LKM doing /dev/systrace, this certainly meets
the needs of what I’m doing with systrace on BSD at the moment.
So, again, I’ll have a look into it sometime.
Thanks!
bye,
//mirabilos
--
"Using Lynx is like wearing a really good pair of shades: cuts out
the glare and harmful UV (ultra-vanity), and you feel so-o-o COOL."
-- Henry Nelson, March 1999
More information about the Midnightbsd-kernel
mailing list