Date: Wed, 29 May 2002 22:55:01 -0600 (MDT) From: "M. Warner Losh" <imp@village.org> To: bfischer@Techfak.Uni-Bielefeld.DE Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: sandboxing untrusted binaries Message-ID: <20020529.225501.134206046.imp@village.org> In-Reply-To: <20020530025817.GA4390@no-support.loc> References: <20020530025817.GA4390@no-support.loc>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <20020530025817.GA4390@no-support.loc>
Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE> writes:
: Hello,
:
: OpenBSD has a new interesting feature: systrace. It is a system call
: policy generator for "sandboxing" untrusted or semi-trusted binaries.
:
: The whole idea looks interesting. The implementation details look
: relatively simple (read: not too complicated). Anyone interested in
: having a closer look and maybe porting it?
:
: Or I will try to port it myself if at least one core member says:
: "Interesting technology, send a patch..."
:
: http://www.citi.umich.edu/u/provos/systrace/
The SecureBSD folks did something similar to an old version of
FreeBSD, but had such a restrictive license that no one ever
investigated merging it into the mainline.
Way cool idea.
Warner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020529.225501.134206046.imp>