DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 22nd January 2010
DraconianTimes's Avatar
DraconianTimes DraconianTimes is offline
Security Geek
 
Join Date: May 2008
Location: United Kingdom
Posts: 37
Thanked 2 Times in 2 Posts
Default systrace policy for irssi

I'm working my way through https://wiki.torproject.org/noreply/...bsdChrootedTor, but was wondering if any of you kind souls might have a systrace policy for irssi? I'm installing 4.6-STABLE with the latest version of irssi from ports.

Thanks!
Reply With Quote
  #2   (View Single Post)  
Old 23rd January 2010
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 733
Thanked 36 Times in 32 Posts
Default

Quote:
Originally Posted by DraconianTimes View Post
I'm working my way through https://wiki.torproject.org/noreply/...bsdChrootedTor, but was wondering if any of you kind souls might have a systrace policy for irssi? I'm installing 4.6-STABLE with the latest version of irssi from ports.

Thanks!
The document you are following is written for OpenBSD 3.7. We are essentially one month from the code lock for OpenBSD 4.7 release. You do understand that you are using 5 years old document?

I know people running irssi chroot-ed. I have never heard of anybody using
systrace to control irssi. You now realize why OpenBSD developers are so opposed to mandatory access control (MAC) It simply doesn't work because proper policies are so hard to write.

I would be curious myself to see if you get a different answer from somebody else. Above being said about MAC and in particular systrace I want to add that Systrace is very useful to people who are porting software to OpenBSD but that is another story.
Reply With Quote
  #3   (View Single Post)  
Old 24th January 2010
DraconianTimes's Avatar
DraconianTimes DraconianTimes is offline
Security Geek
 
Join Date: May 2008
Location: United Kingdom
Posts: 37
Thanked 2 Times in 2 Posts
Default

Quote:
Originally Posted by Oko View Post
The document you are following is written for OpenBSD 3.7. We are essentially one month from the code lock for OpenBSD 4.7 release. You do understand that you are using 5 years old document?
Yes, fully aware of that. I'm using it simply as a spring board for further research, and wanted to compare a working policy against the one I'm mangling...

Ta.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Policy routing bsd and cisco clone Guides 1 17th August 2009 04:57 PM
OpenSolaris equivalent of systrace? DraconianTimes Solaris 9 31st January 2009 05:36 AM
Systrace Oko OpenBSD Security 1 29th December 2008 01:52 PM
Enforce a better user password policy anomie Guides 8 7th November 2008 09:10 PM
Error while trying to icompile irssi from source FloridaBSD Solaris 7 27th May 2008 11:08 AM


All times are GMT. The time now is 06:58 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick