Quoting shinya1.tak...@toshiba.co.jp (shinya1.tak...@toshiba.co.jp): > I am one of developers of WhiteEgret. > > > regardling the last one, do you have a plan for handling it? > Yes, we have a plan to release WhiteEgret v4 patch with a WEUA sample of > access control for script programs.
Do you have a target date for posting that? > The latest WhiteEgret cannot control script programs since script files read > by an interpreter are not hooked by the execve system call. > We consider that script programs can be controlled by controlling the files > inputted by interpreters, accordingly. > We consider that the control can be realized using the read system call > hooking. So you have a design for being able to differentiate the interpreters reading versus reading with the intent to execute? With or without their help? > Now, we are developing WhiteEgret with the read system call hooking and WEUA > which controls the script files to be read to interpreters using information > from the read system call hooking and white list. -serge