Quoting shinya1.tak...@toshiba.co.jp (shinya1.tak...@toshiba.co.jp):
> I am one of developers of WhiteEgret.
> > regardling the last one, do you have a plan for handling it?
> Yes, we have a plan to release WhiteEgret v4 patch with a WEUA sample of
> access control for script programs.
Do you have a target date for posting that?
> The latest WhiteEgret cannot control script programs since script files read
> by an interpreter are not hooked by the execve system call.
> We consider that script programs can be controlled by controlling the files
> inputted by interpreters, accordingly.
> We consider that the control can be realized using the read system call
So you have a design for being able to differentiate the interpreters reading
versus reading with the intent to execute? With or without their help?
> Now, we are developing WhiteEgret with the read system call hooking and WEUA
> which controls the script files to be read to interpreters using information
> from the read system call hooking and white list.