On Wed, Dec 15, 2010 at 06:26:24AM +0300, Mikle Krutov wrote: > Hello, list! > > I'm interested, why is it said on sysjail projects site that > >Sources tested variously on i386, AMD64, alpha, and others. It will only > >work with OpenBSD 3.9, 4.0, 4.1, 4.2, and 4.3. The most current version > >is 1.2.35, dated 29 May 2010. > While > >dated 29 May 2010 > ? > Is that information wrong? If not, what are the reasons that it does not > work on nowdays realeases?
http://en.wikipedia.org/wiki/Sysjail "The project was officially discontinued on 2009-03-03 due to flaws inherent to syscall wrapper-based security architectures. The restrictions of sysjail could be evaded by exploiting race conditions between the wrapper's security checks and kernel's execution of the syscalls.[1]" 1. http://www.watson.org/~robert/2007woot/ -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
