NetBSD-Advocacy archive


Re: Competition



> 
> One thing that I somewhat miss is systrace, however.  kauth is nice but
> it's also quite different; it was easy to configure per-application
> profiles with systrace without the need for kernel hacking.  I
> understand that with our limited resources and its problematic pre-SMP
> design it was no longer ideal and couldn't be fixed easily, though.

systrace was removed because it is far too easy for a program
to circumvent the policy; this has probably always been true.
The interface itself could have been used for a system call trace
(like Solaris truss), but it isn't a good idea to use it to
enforce security.

        David

-- 
David Laight: david%l8s.co.uk@localhost

