Quote:
Originally Posted by DraconianTimes
OK, thanks for the replies. Looks like I'm going to have to wait patiently for FGAP...
|
I read the link you posted.
Quote:
* only allow binding to port 80/tcp
* only allow read access to file foo
* only allow write access under $HOME/.mozilla
|
That is lame. Can't you do last to things just withe permissions? Even with
the root access the last two goals can be easily accomplished in BSD world with flags and
kernel security levels. First one looks to me could be easily done with PF.
Systrace is far more serious tool as originally designed.