Date:      Thu, 8 Nov 2007 14:06:27 +0000
From:      Andrea Campi <andrea+freebsd_hackers@webcom.it>
To:        dexterclarke@Safe-mail.net
Cc:        freebsd-hackers@freebsd.org, trustedbsd-discuss@freebsd.org
Subject:   Re: A TrustedBSD "voluntary sandbox" policy.
Message-ID:  <20071108140627.GI82877@webcom.it>
In-Reply-To: <N1-_PYrd0nIeB@Safe-mail.net>
References:  <N1-_PYrd0nIeB@Safe-mail.net>

On Wed, Nov 07, 2007 at 10:20:28PM -0500, dexterclarke@Safe-mail.net wrote:
> I'm considering developing a policy/module for TrustedBSD loosely based
> on the systrace concept - A process loads a policy and then executes
> another program in a sandbox with fine grained control over what that
> program can do.
...
> Please note that the 'policy' given on the command line is purely for 
> the sake of example, no syntax or semantics have been decided upon.

Can't comment on the implementation or wider issues, but if you
pursue this, please have a look at how MacOS Leopard does it
(Seatbelt). Would be nice to converge on both syntax (a Scheme
dialect) and tool names / command line args--or if converging is not
possible, at least know where and why and make a conscious decision.

Bye,
	Andrea

-- 
If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it.
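For readers who have not seen the Seatbelt syntax Andrea refers to, the following is an added illustration (not code from this thread, and not one of Apple's shipped profiles) of a minimal profile in the Scheme-dialect policy language of Mac OS X Leopard's sandbox. The profile path /tmp/ls-only.sb and the choice of /bin/ls as the confined program are assumptions made for the example; the allow rules for dyld and the system libraries are the minimum that lets a dynamically linked binary start and may need adjusting per OS release.

```scheme
;; Added example (not from the thread): a small Seatbelt profile.
;; Assumed usage:  sandbox-exec -f /tmp/ls-only.sb /bin/ls /etc
(version 1)

;; Default-deny: every operation not allowed below is refused, which is
;; the property a systrace-style "voluntary sandbox" policy would share.
(deny default)

;; Let the confined program be exec'd and let the dynamic loader map the
;; binary and the system libraries it depends on (read-only).
(allow process-exec (literal "/bin/ls"))
(allow file-read* (literal "/bin/ls")
                  (literal "/usr/lib/dyld")
                  (regex #"^/usr/lib/.*\.dylib$")
                  (regex #"^/System/Library/.*"))
(allow file-read-metadata)
(allow sysctl-read)

;; The only application data the program may read: the tree it lists.
(allow file-read* (subpath "/etc"))

;; No file writes, no network, no Mach/IPC lookups: all caught by
;; (deny default), so nothing further needs to be stated.
```

The shape worth noting for a converging syntax is the ordering: a version stamp, a blanket deny, then narrow allow rules keyed on an operation class (file-read*, process-exec, network-outbound, ...) and a path filter (literal, subpath, regex). Denied operations are reported through the sandbox's own log messages, which is the practical way to discover which extra allow rules a given program needs; sandbox-exec is deprecated on current macOS but still present, so the profile can be tried as written.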



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071108140627.GI82877>