DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 29th December 2008
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 770
Thanked 36 Times in 32 Posts
Default Systrace

Could anybody give me some kind of update on systrace? Is anybody
trying to fix security vulnerabilities or the tool is considered obsolete for
security purposes?
Reply With Quote
  #2   (View Single Post)  
Old 29th December 2008
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,697
Thanked 214 Times in 189 Posts
Default

Looking at cvs logs, it appears to me that systrace has not had any significant development work since 2006. The "sandbox" vulnerabilities were outlined in 2007. Comments in the cvs logs do not appear to address them.

Systrace is still of significant value. For example, anyone who does port development should USE_SYSTRACE to ensure that configure, build, and fake targets write only into pre-defined directory structures and make no network calls.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSolaris equivalent of systrace? DraconianTimes Solaris 9 31st January 2009 05:36 AM


All times are GMT. The time now is 10:43 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick