From: "Thijs Eilander"
To: "'Stanislav Ochotnicky'"
Delivered-To: freebsd-hackers@freebsd.org
Date: Mon, 2 Apr 2007 00:48:20 +0200
Message-ID: <01a501c774af$d8939d40$89bad7c0$@nl>
In-Reply-To: <460EE276.1020802@kmit.sk>
Subject: RE: Deny system call using ptrace

> I'm trying to create sort of user-space access control system based on allowing/denying syscalls. I was able (after a few problems) to start ptracing
> program, stop at every enter/exit from system call, inspect arguments etc. What I'm however trying to do, is denying access to syscalls. In Linux I was

If you are interested in doing some development to make it work, I am porting systrace to FreeBSD but due to time restrictions development is slow. More information about systrace can be found on http://www.citi.umich.edu/u/provos/systrace/ and www.systrace.org

I almost finished the kernel part, it is usable but still needs some fixes and cleaning up, but the userland code needs adding a lot of syscall translations.

Regards,
Thijs Eilander