On Thu, 8 Nov 2007, Andrea Campi wrote:
On Wed, Nov 07, 2007 at 10:20:28PM -0500, [EMAIL PROTECTED] wrote:
I'm considering developing a policy/module for TrustedBSD loosely based on
the systrace concept - A process loads a policy and then executes another
program in a sandbox with fine
On Nov 8, 2007 9:23 AM, Pawel Jakub Dawidek [EMAIL PROTECTED] wrote:
First problem is that it is hard to operate on file paths. MAC passes a
locked vnode to you and you cannot go from there to a file name easly.
You could do it by comparsion: call VOP_GETATTR(9) on the given vnode,
do the same
On Wed, Nov 07, 2007 at 10:20:28PM -0500, [EMAIL PROTECTED] wrote:
I'm considering developing a policy/module for TrustedBSD loosely based
on the systrace concept - A process loads a policy and then executes
another program in a sandbox with fine grained control over what that
program can do.
On Wed, Nov 07, 2007 at 10:20:28PM -0500, [EMAIL PROTECTED] wrote:
I'm considering developing a policy/module for TrustedBSD loosely based
on the systrace concept - A process loads a policy and then executes
another program in a sandbox with fine grained control over what that
program can do.
I'm considering developing a policy/module for TrustedBSD loosely based
on the systrace concept - A process loads a policy and then executes
another program in a sandbox with fine grained control over what that
program can do.
I'm aiming for a much simpler implementation, however. No interaction.
5 matches
Mail list logo