systrace + selinux + fedora core 4ish?
Stephen Smalley
sds at epoch.ncsc.mil
Tue Jan 18 14:08:12 UTC 2005
On Mon, 2005-01-17 at 22:03, Justin Conover wrote:
> http://www.systrace.org/
>
> http://www.citi.umich.edu/u/provos/systrace/linux.html
>
> Anybody, seen/use systrace on FC? What are your thoughts about
> using/adding it to FC?
>
> >From reading a bit about it, looks to be a very good/useful tool and
> was wondering what others thought about it?
Providing security via system call interception and making security
decisions based on pathnames considered harmful to security; see the
Flask paper available from
http://www.nsa.gov/selinux/papers/flask-abs.cfm. Sadly, the systrace
site acknowledges the Flask paper, but misses the point entirely...
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list