On Sat, 28 Feb 2004, jnf wrote:
> is there anything like this that exists for netbsd or am i stuck doing a
> roll your own type thing here?

verified exec:
	veriexecctl (8) - load verified exec fingerprints
	verifiedexec (4) - Verified exec signature loader device

sysctrace:
	systrace (1) - generate and enforce system call policies
	systrace (4) - enforce and generate policies for system calls

These two and maybe secure levels (see init(8)) come to mind.
Oh, and the immutable etc file flags, which can be added/removed by either
chmod or mtree. Lex Wennmach wrote a paper about that somewhen.


   - Hubert

-- 
Hubert Feyrer <hubert@feyrer.de>