From owner-freebsd-security Sat Sep 18 18:18:39 1999 Delivered-To: freebsd-security@freebsd.org Received: from mail.xmission.com (mail.xmission.com [198.60.22.22]) by hub.freebsd.org (Postfix) with ESMTP id BD41614E8C for ; Sat, 18 Sep 1999 18:18:33 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from [204.68.178.39] (helo=softweyr.com) by mail.xmission.com with esmtp (Exim 2.12 #2) id 11SVcd-0006RZ-00; Sat, 18 Sep 1999 19:18:32 -0600 Message-ID: <37E439E6.8A6AAAE7@softweyr.com> Date: Sat, 18 Sep 1999 19:18:30 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: "Jordan K. Hubbard" Cc: Warner Losh , "Rodney W. Grimes" , Brett Glass , security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel References: <2282.937639734@localhost> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Jordan K. Hubbard" wrote: > > > A well-defined and well-architected syscall auditing mechanism would be a > > great security addition, and right up the alley of what I'm looking for. > > Well, that much I thought Robert Watson had > already done... See his postings in -current on the topic or go to > http://www.watson.org/fbsd-hardening/posix1e/ Nothing I've read so far dissuades me from thinking it will be quite good when done. Thanks for the URL, I'll study it. I'll be meeting with "the new guys" at FreeBSDCon, attempting to wheedle my way into the new job, and this will probably help a lot. Who knows, maybe I'll get a change to help implement it. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message