From owner-freebsd-security Tue May 11 14:30: 9 1999 Delivered-To: freebsd-security@freebsd.org Received: from gw.whitefang.com (calnet11-70.gtecablemodem.com [207.175.234.70]) by hub.freebsd.org (Postfix) with SMTP id 4137714BE1 for ; Tue, 11 May 1999 14:30:03 -0700 (PDT) (envelope-from shadows@whitefang.com) Received: (qmail 5976 invoked from network); 11 May 1999 21:30:01 -0000 Received: from rage.whitefang.com (shadows@192.168.1.3) by gw.whitefang.com with SMTP; 11 May 1999 21:30:01 -0000 Date: Tue, 11 May 1999 14:29:02 -0700 (PDT) From: Thamer Al-Herbish To: Darren Reed Cc: freebsd-security@FreeBSD.ORG Subject: Re: Wrapping syscalls In-Reply-To: <199905112123.HAA00753@cheops.anu.edu.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 12 May 1999, Darren Reed wrote: > Logging would be interesting, as would write'ing data to be sent > back to the client :-) Lets hope they're not interested in using > CGI either :-) You would need some granulity I suppose. Just looked at the TIS post, it's been done and done well it seems. > This isn't a capability based solution in the traditional sense of > that term, more of a means being able to deny yourself use of certain > system calls. Absolutely not. -- Thamer Al-Herbish PGP public key: shadows@whitefang.com http://www.whitefang.com/pgpkey.txt [ The Secure UNIX Programming FAQ http://www.whitefang.com/sup/ ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message