On Wed, Dec 14, 2005 at 11:50:53AM -0500, Will H. Backman wrote:
>
> Anyone dare try making a systrace policy for firefox?
>
and where's difficulty in writting such policy? It's 20'' of work: use
``wizard'' or automatic policy generation, and then clean up the ruleset
looking through syscalls and changing `eq' to `match'; for example
cleaning up fsread's on libs or font dirs and fs{read,write,rename} on
cache/download dir, and so on...
- Lukasz Sztachanski
--
0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133
http://szati.blogspot.com
http://szati.entropy.pl
