Hello, OpenBSD has a new interesting feature: systrace. It is a system call policy generator for "sandboxing" untrusted or semi-trusted binaries.
The whole idea looks interesting. The implementation details look relatively simple (read: not too complicated). Anyone interested in having a closer look and maybe porting it? Or I will try to port it myself if at least one core member says: "Interesting technology, send a patch..." http://www.citi.umich.edu/u/provos/systrace/ Bj�rn Fischer To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
